Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Robert_Cerny
New Contributor II

SSL certificate inspection block

Hi folks,

looking for an idea here. I use ssl certificate-inspection (default, not deep) on HTTP/HTTPS firewall rule and it recently started to block server https://idos.idnes.cz. I had to allow invalid certificates to get this site to work. I also checked their certificate and it seems to be valid, issued by Sectigo RSA. Does anyone know what's going on here? Where can I find what our FG doesn't like?

 

Thanks

Robert

FG-100C FG-100A FW-50B FG-60C
FG-100C FG-100A FW-50B FG-60C
1 REPLY 1
andrewbailey
Contributor II

Hi Robert,

 

I'm running a Fortigate 60E at home on 6.4.1. I am also only using SSL Inpsection (not deep insepction). I'm set to block invalid certificates.

 

I don't seem to have any issues with that site and certainly as you say the certificate looks valid to me.

 

Not sure if that helps much? But perhaps points to config or software issue on your site maybe?

 

Kind Regards,

 

 

Andy.

 

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors