Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Erik-dft
New Contributor

Created on ‎02-18-2022 02:02 PM

SSL sites suddenly getting blocked all over (different Fortigates)

We manage a few dozen Fortigate units for our customers.  Starting yesterday, sites started getting blocked with SSL errors.  

 

This is across different fortigates (60E to 200F) and different versions 6.4x to 7.0.4

 

Turning off all UTM features of a policy seem to help.  But it's very weird.

 

Firefox reports it as "NET::ERR_CERT_COMMON_NAME_INVALID"

 

But the site is just fine and so is the cert.  It's happening on big sites like banks and even the fortinet support site.

 

I also saw a log message that fortinet's DNS server went unavailable for a bit.

 

anyone else having issues like this?

 

Labels:
2068
0 Kudos
2 REPLIES 2
lior
New Contributor III

Created on ‎02-19-2022 12:44 AM

Yes, mine started blocking sites too with this message:

 

FORTINET Webfilter

This Connection is Invalid. SSL certificate expired.

1998
0 Kudos
SveN2
New Contributor

Created on ‎02-19-2022 07:51 AM

Hi, not sure if that's what you have, but when I read "let's encrypt" this came to my mind:

https://www.fortinet.com/blog/psirt-blogs/fortinet-and-expiring-lets-encrypt-certificates

have a nice day

1984
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.