[Solved] Unable to access Fireabaseapp SSL website when ssl inspection is On
We are using theXS Mapping Sheets Google Apps plugin which used to work fine until tuesday 16th of august.
Since then, wen we try to connect, we get an SSL error.
Using openssl: here is what we get :
openssl s_client -connect thexs-mapping.firebaseapp.com:443 CONNECTED(00000003) 139984351467176:error:14077419:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert access denied:s23_clnt.c:749: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 7 bytes and written 290 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE
Our web connexion is using a Fortinet 100D installed on the begining of july.
- If I try this app not using the Fortigate unit (we also have an old Netgear), it works fine.
- Qualys SSL test shows a score of A+ for this domain.
- If I disable SSL inspection (check certificate only, no full inspection) on the LAN to WAN policy, the site works fine.
- We don't block anything on our Fortigate for web, app and ssl inspection.
- I can't find any special event in the Fortigate saying that this site is blocked (in attachment is an event corresponding to the problem)
Do you have any idea on how to solve this problem ? Ididn't find a way to bypass SSL inspection for specific domains.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.