This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

"Blocked due to using client certificate" error in SSL/TLS Inspection Log and how to bypass

Brian1941 over 1 year ago

I have an application, Parallels Access, that as part of its login process connects to different Parallels websites. I am getting the error "Blocked due to using client certificate" that then fails the connection, and I can't log in to the Parallels server.

The sites it tries to connect to are of the format ec2-3-101-60-253.us-west-1.compute.amazonaws.com. Each connection attempt has different ip addresses in the links.

I'm on an XGS125w with SFOS 19.5.1 MR-1-Build278 on my home LAN.

How to I get around these errors? I need to connect to these site to log into Parallels Access.

This thread was automatically locked due to age.

Top Replies

rfcat_vk over 1 year ago +1 suggested

Hi, please try adding a web exception for the Parallels FQDN to web exceptions page. Ian

0 rfcat_vk over 1 year ago

Hi,

please try adding a web exception for the Parallels FQDN to web exceptions page.

Ian

XG115W - v20.0.2 MR-2 - Home

XG on VM 8 - v21 GA

If a post solves your question please use the 'Verify Answer' button.
Cancel
Vote Up +1 Vote Down

Cancel
0 rfcat_vk over 1 year ago

Hi,

I would suggest you change this internet access to use the proxy, the DPI engine does have some peculiarities.

Ian

XG115W - v20.0.2 MR-2 - Home

XG on VM 8 - v21 GA

If a post solves your question please use the 'Verify Answer' button.
Cancel
Vote Up 0 Vote Down

Cancel
0 Brian1941 over 1 year ago in reply to rfcat_vk

still working on it..
Cancel
Vote Up 0 Vote Down

Cancel
0 rfcat_vk over 1 year ago in reply to Brian1941

Hi,

please post a screenshot of the error, because the error does not look like an XG error, but a web browser error.

Then th next step is to create firewall rule not using any settings other then source LAN, any, destination Wan any, all services, log.

Ian

XG115W - v20.0.2 MR-2 - Home

XG on VM 8 - v21 GA

If a post solves your question please use the 'Verify Answer' button.
Cancel
Vote Up 0 Vote Down

Cancel
0 Brian1941 over 1 year ago in reply to rfcat_vk
Cancel
Vote Up 0 Vote Down

Cancel
0 rfcat_vk over 1 year ago in reply to Brian1941

Basically the error message is showing that your exceptions are not setup correctly.

Ian

XG115W - v20.0.2 MR-2 - Home

XG on VM 8 - v21 GA

If a post solves your question please use the 'Verify Answer' button.
Cancel
Vote Up 0 Vote Down

Cancel
0 Brian1941 over 1 year ago in reply to rfcat_vk

I know, that's part of the problem. Each time I get the Cliet certificate message, it's to a different address, and the connection category is 'IP Address' so I don't know if it is possible to create an exception for that.
Cancel
Vote Up 0 Vote Down

Cancel