Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
AHJARR
New Contributor II

Created on ‎11-22-2024 06:33 AM

SSL Deep Inspection not working with Chrome and Edge browsers and web filtering

I've configured a policy with SSL Deep Inspection for my company and installed the Fortigate CA certificate on our devices in order to now be shown the certificate warning. However (on both mac and windows devices) when using Firefox it does seem to work correctly and the certificate shown by the browser is the Fortigate's, though when using either Chrome or Edge the certificates shown in the browser.

Screenshot 2024-11-22 152455.png

I have even a problem with web filtering I'm blocking social media and still have access to all social media 

 

Did anyone have an idea what is the problem?

 

Thank you 

 

 

466
0 Kudos
7 REPLIES 7
ebilcari
Staff
Staff

Created on ‎11-22-2024 07:17 AM

The difference is that Firefox by default uses it's own trusted store, Edge and Chrome will use the trust store of the OS. Try to import the FGT certificate to the trusted root store of the OS.

Try to block the social media by creating an Application Control policy.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
451
0 Kudos
AHJARR
New Contributor II
In response to ebilcari

Created on ‎11-22-2024 07:39 AM

Hello @ebilcari Thank you for reply 

The Application Control policy worked just fine. What do you mean by import the FGT certificate to the trusted root store of the OS. OS?

 

Thanks 

438
ebilcari
Staff
Staff
In response to AHJARR

Created on ‎11-22-2024 07:58 AM

I was referring to the Trusted root store of the operating system (Mac or Win), for windows the FGT certificate should be imported here:

cert trust store.PNG

For MacOS should be similar.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
431
0 Kudos
AHJARR
New Contributor II
In response to ebilcari

Created on ‎11-22-2024 08:47 AM

image.jpg

Doesn’t work I don’t understand!

408
0 Kudos
ebilcari
Staff
Staff
In response to AHJARR

Created on ‎11-22-2024 08:52 AM

Make sure you select the root certificate from the chain and you need to install it as 'Local Machine' and 'Trusted Root Certification Authorities', do not go with default options of the wizard.

tristca.PNG

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
404
0 Kudos
AHJARR
New Contributor II
In response to ebilcari

Created on ‎11-22-2024 09:22 AM

 

Yes I make sure that as a local machine

and 'Trusted Root Certification Authorities' And still doesn’t work:weary_face:

 

391
0 Kudos
ametkola
Staff
Staff

Created on ‎11-22-2024 08:11 AM

Hello @AHJARR ,

If the web filter is not able to block the expected traffic using Chrome or Microsoft Edge. You can go through the article >> https://community.fortinet.com/t5/FortiGate/Technical-Tip-Web-filter-is-not-blocking-websites-on-Goo...

to perform the steps as recommended and check again the behaviour. 

 

Regards,

 

 

 

422
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.