Hello, There already is a post on this, but this seems like a more
appropiate forum. Is there a way to allow/whitelist only the peers that
are known (via an address group) to do IPSec (UDP500/4500) to the
FortiGate device? We are getting a lot of uns...
No, the CA certificate is pinned, that's why it is not trusted.HSTS in
Chrome is basicly enforcing this:[ol]Lookup google.com in my HSTS
listFound, allow connection to google.com only over HTTPSAnd only allow
an HTTPS connection where the public key ...
That doesn't help.The browsers uses HSTS and checks that the certificate
is signed by a certain CA.That is the error that is seen in the browser
on the client. We are not even using deep inspection, just
certificate-inspection.This happens because th...
Hello, I'm trying to achieve the same thing as we have a lot of these
messages in our logs too.I was able to turn on the local policy in the
GUI and was also able to create a local-in policy throught the
CLI.However I do not see the created policy in...
