Hello all. Web filtering with Full SSL Inspection, we've deployed the FW default certificate to end user PCs and for the most part inspection runs without a hitch. Sometimes however we get a cert error like the one I've attached (I was testing to make sure the FW completely kills UltraSurf). The certificate says it's from *.fortinet.com when it should say it's from "ultrasurf.us" or whichever website the user was trying to get to in the first place. Why does this happen? I'd appreciate any guidance you can offer.
Bromont_FTNT wrote:Thanks for your reply. On some block pages that work properly, the certificate shows the webserver hostname as expected. How would I account for the *.fortinet.com name being used? Please see attached.You said you want to block ultrasurf.us right? So basically the Fortigate is trying to show the Blocked Page which of course would have the Fortinet certificate but the browser is expecting ultrasurf
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.