Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
tanr
Valued Contributor II

SSL Fatal Alert Received - unknown ca

Hi All,

 

I've recently been seeing a lot of "SSL Fatal Alert received" or "SSL Alert received" with the message being "certificate unknown" or "unknown ca".

 

When I track the associated IPs back, they almost all turn out to be big name owners: apple, google, dropbox, etc.

 

I'm assuming/hoping this is likely due to more servers being put online and new server or intermediate ca certs getting generated that haven't percolated through Fortinet's system yet.

 

Just wanted to check if others are seeing the same thing or if there could be something else going on?

 

Thanks.

2 REPLIES 2
mjcrevier
New Contributor III

Where are the clients located in relation to the firewall they're going through?

Are they hitting a policy with certificate inspection or full SSL inspection enabled?

What firmware are you running?

tanr
Valued Contributor II

FortiOS 6.0.9 with clients located on same site as FortiGates (seeing at two locations).

 

Seeing this both on policies that only have certificate inspection and on policies that have full SSL inspection enabled.