Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
mseiler0815
New Contributor

SSL Decryption Log

Hello,

 

I'm testing SSL Decryption (Deep inspection) on my Windows Computer.

How can I find out why some pages are not shown in the browser or why is some content not shown on a page with videos or pictures. The issue is clear, one or more pages can't be decrypted (Cert Pinning/HSTS/Cyphers not supported/Mutual authentication).

But I can't find the logs in the Fortimanager. I want to see which connection is responsible and what caused the issue.

 

How do you troubleshoot this kind of issue. Which logs do you use? 

 

Or is there a CLI command to troubleshoot? This would be very helpful.

 

Regards

 

Michael 

1 REPLY 1
RinoBroer
New Contributor II

Dear Michael,

 

Good question, I have this question myself but I think this is the reason: the client does not accept the connection because of cert pinning, HSTS etc. and for this reason the client actively stops the connection.

 

Because the client closes the connection in a usual way no errors will be logged. I have tested this extensively with FileZilla > Help > Check for updates and have come to the above conclusion. Currently, I exclude these domain names from deep inspection.

 

But, If this problem is somehow traceable in the logs then I would like to hear about it!

 

FileZilla traffic capture

DPI_fails_FileZilla_update.png

 

 

Rino Broer - NSE 1-4