Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
IShall
New Contributor

Fortigate replacing/altering certificate - SSL inspection problem ?

Hello,

I have installed a Fortigate (200E, 5.6.4) as an inline IPS (VDOM running in transparent mode).

Now when users attempt to connect to an SSL device through which the traffic is passing, the certificate is presented to the user as  coming from the Fortigate, not the correct valid certificate on the device.

 

What is causing this and how do I get around it ?

 

Kind regards,

IShall.

FGT310B MR3 Patch 15 FMGR MR3 Patch 8
FGT310B MR3 Patch 15 FMGR MR3 Patch 8
1 REPLY 1
IShall
New Contributor

Found my issue, apparently is a bug in 5.6.4.

Default "certificate-inspection" profile when creating a transparent mode VDOM is "Full Inspection", not "Certificate Inspection". Was not looking closely enough :(

 

FGT310B MR3 Patch 15 FMGR MR3 Patch 8
FGT310B MR3 Patch 15 FMGR MR3 Patch 8
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors