Hi All,
we recently upgrade the firmware to 6.2.2, then to 6.2.4. Now, we are getting random certificate errors when trying to visit websites. It doesn't happen all the time, just every now and then, and for totally different sites. However, it's always the same, with an "UNKNOWN ISSUER" error on the certificate, which appears to have been "issued" by Fortinet.
We don't do DPI, we only have "certificate inspection" on our web filtering rules.
The error is highlighted in the attached image. Even though the cert is for itunes.apple.com it appears to have been issued by fortinet.
Any help would be appreciated.
Regards,
Chris.
Did you "diag debug flow" when accessing that website and what does the output show ? And how is you web filter rules for that site and what is allowed or not allowed?
Also open a new browser in incognito does it do the same error?
Ken Felix
PCNSE
NSE
StrongSwan
Hi Ken,
thanks for the response. Unfortunately the errors are random and they come and go. I will try the incognito window idea to see if that reduces the incidence of errors.
Cheers,
Chris.
lhsit wrote:Hi Ken,
thanks for the response. Unfortunately the errors are random and they come and go. I will try the incognito window idea to see if that reduces the incidence of errors.
Cheers,
Chris.
Did you find anything in the meantime?
The most expensive and scarce resource for man is time, paradoxically, it' s infinite.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.