
Your Connection is not Private on Blocked Sites

Hi, I'm new to Sophos UTM,

I have a Web Filtering Policy blocking categories including Facebook and YouTube.

Some sites, when blocked, show the company's logo with web messages, but some sites, especially Facebook and YouTube, only show this:

Your connection is not private

Attackers might be trying to steal your information from facebook.com (for example, passwords, messages, or credit cards). Learn more

NET::ERR_CERT_AUTHORITY_INVALID

 

Please help me fix this. Thank you



This thread was automatically locked due to age.
  • Hello,

    Thanks for the response but I still can't understand the thread in the link you've given.

  • Have you got the Proxy certificate installed?

    If not, go to:

    [Web Protection] > [Filtering Options] > [HTTP CAs] > [Signing CA] > [Download]

     
    SFVH (SFOS 20.0.0 GA-Build222) - Last (re)boot on November 6th  2023
    Asus H410i-plus - Pentium 6605 Gold - 250GB M.2 PCIe NVMe SSD - 8GB - 3 ports
    [If any of my posts are helpful to you please use the 'Verify Answer' link]
  • Hi,

    Thanks but I still have the same issue. 

    Your connection is not private

    Attackers might be trying to steal your information from youtube.com (for example, passwords, messages, or credit cards). Learn more

    NET::ERR_CERT_AUTHORITY_INVALID
     
    But other blocked sites are showing this one.
  • But just to be clear: did you install the proxy certificate on your client?

    According to the RULZ (https://community.sophos.com/products/unified-threat-management/f/general-discussion/22065/rulz) the proxy rule (#7) is tested before the application rule (#9).

     
  • Seems like a Chrome error (https://www.digitbin.com/neterr-cert-invalid-chrome-fix/)

    Have you tried testing this with other browsers?

    I've managed to replicate your error. It appeared while using Chromium (Linux Mint 19.1) but not while using Firefox on the same machine.

     
  • As I thought the other document explained, this is expected behavior.  You must distribute the UTM root certificate to your client devices to fix the problem.

    To display a block message, UTM must impersonate the destination server.  For HTTP sites, this can be done because HTTP does not validate the responding system.   When the site is HTTPS, UTM has to get past the server authentication test before it can display the block message.  If the root certificate is on the client desktop, the block message displays.   If not, the browser displays a warning.   Most browsers give you the option to proceed anyway.  I believe that Edge will not allow you to proceed past the warning.

    Firefox is difficult because it does not use the system certificate store, but uses a per-user store instead.   At one point I thought they were going to change this, but I don't use Firefox anymore so I do not know if it was ever done.

    If you are having certificate warnings on allowed sites, the problem is different. If you have decrypt-and-scan enabled, some connections will fail because UTM and the remote site cannot negotiate a shared ciphersuite. The workaround is to bypass HTTPS inspection for any such sites.

    You may benefit from reading the other material in the Wiki section, and the "Web Filtering Lessons Learned" document which is pinned to the top of the web filtering forum. This part of the product works extremely well. I don't understand what other information you need.
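
The trust check described in the reply above, as an added example (not part of the original post and not Sophos tooling). It assumes `openssl` is installed; the CA name "Demo Proxy Signing CA", the host `blocked.example` and all file names are constructed stand-ins for the UTM signing CA and a blocked HTTPS site.

```shell
#!/bin/sh
# Constructed demo: "Demo Proxy Signing CA" stands in for the UTM signing CA and
# blocked.example for a blocked HTTPS site. No real UTM or site is contacted.

# make_demo_pki DIR: build the stand-in signing CA, an unrelated root, and a
# leaf for blocked.example signed by the stand-in CA (what the proxy presents).
make_demo_pki() {
    dir=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 2 \
        -subj "/CN=Demo Proxy Signing CA" \
        -keyout "$dir/ca.key" -out "$dir/ca.pem" 2>/dev/null
    # Models a client trust store that has public roots but not the proxy CA.
    openssl req -x509 -newkey rsa:2048 -nodes -days 2 \
        -subj "/CN=Unrelated Public Root" \
        -keyout "$dir/other.key" -out "$dir/other.pem" 2>/dev/null
    openssl req -newkey rsa:2048 -nodes -subj "/CN=blocked.example" \
        -keyout "$dir/leaf.key" -out "$dir/leaf.csr" 2>/dev/null
    openssl x509 -req -in "$dir/leaf.csr" -days 1 -CAcreateserial \
        -CA "$dir/ca.pem" -CAkey "$dir/ca.key" -out "$dir/leaf.pem" 2>/dev/null
}

# client_trusts STORE LEAF: succeeds only if LEAF chains to a root in STORE.
client_trusts() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# diagnose STORE LEAF: print what the user would see for the blocked site.
diagnose() {
    if client_trusts "$1" "$2"; then
        echo "block page"
    else
        echo "certificate warning"
    fi
}

# Stand-alone run: show the presented issuer and both outcomes.
demo=$(mktemp -d)
make_demo_pki "$demo"
openssl x509 -in "$demo/leaf.pem" -noout -issuer -subject
echo "without proxy CA: $(diagnose "$demo/other.pem" "$demo/leaf.pem")"
echo "with proxy CA:    $(diagnose "$demo/ca.pem" "$demo/leaf.pem")"
rm -rf "$demo"
```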


  • The most common cause of "connection is not private" is an incorrect date & time set on your PC. Chrome makes sure that your computer's clock matches the clock in a Google server farm, and if it doesn't, it will block the connection to HTTPS sites for security reasons.

    To fix your issue, set your computer's clock to the correct current time.

    Go to System Preferences
    Choose Date & Time
    Navigate to the Date & Time tab
    Change the current time to the correct time (accurate to the nearest minute will do).

    Edit: If it's not your computer's fault, it's just a Chrome security feature. Chrome detects malicious activity going on with the site (like malware-laced ads, breach by hackers, etc.) and automatically warns you to protect you if it believes your security or safety might be at risk. If you want to override the warning, just hit Advanced -> Continue to site.

  • Edit: If it's not your computer's fault, it's just a Chrome security feature. Chrome detects malicious activity going on with the site (like malware-laced ads, breach by hackers, etc.) and automatically warns you to protect you if it believes your security or safety might be at risk. If you want to override the warning, just hit Advanced -> Continue to site.

     

    Well, Chrome's anti-malware protection is so weak and so poor that I think it's kind of a marketing step, not something serious against malware threats. Sometimes it turns out that people had malware on their PC or mobile device, and the web browser said nothing about it when downloading a file. You can look at this article ( website: cybersummitusa.com/.../ ) to understand the recent trends in hackers' actions during the coronavirus quarantine, because they use it as their helpful instrument.

  • I also have SSL enabled on my site. But sometimes it shows the same error message. I checked the SSL certificate and it is valid. I don't understand why it happens. If someone knows the solution, please reply.