Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
fran1942
New Contributor

Deep packet inspection

Hello, I just finished a session with Fortigate tech support. The problem is that we occasionally have websites that fail to load via our Fortiate Deep packet inspection policy. For example '[link]https://www.sassandbide.com'.[/link]

When connecting with Google Chrome browser, the error is : 'You cannot visit www.sassandbide.com right now because the website sent scrambled credentials that Google Chrome cannot process." When connecting with Internet Explorer, the error is 'The security certificate presented by this website is not secure.' It is then impossible to proceed. When connecting with Firefox, the error is: 'SEC_ERROR_BAD_SIGNATURE'.

 

It was successfully working with the Fortigate tech support team. The only point of difference is that we are using our own Root CA generated certificate which is installed on our Forigate rather than the Fortigate default root CA cert.

Therefore we thought this must be the point of failure. I am just wondering how could our root CA cert be causing the errors outlined above with just the odd, rare website. All it is doing is re-writing the certificate and negoitating communication with our LAN clients.

Thanks for any insight.

0 REPLIES 0
Labels
Top Kudoed Authors