Web Protection: Web Filtering & Application Visibility/Control Webproxy "overrides" certificate?

UTM Firewall requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 6 replies
Subscribers 4 subscribers
Views 1774 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Webproxy "overrides" certificate?

GernotMeyer over 5 years ago

Hi all,

we have an UTM 9.5. Webproxy is in Standard Mode and SSL scan is off.

There is one external page with a valide certificate. Calling that page (SSL) with any browser is fine.

When login to an application on this page, the "unsafe" webproxy CA Certificate from the UTM shows up.

Accepting twice (unsafe certificate) the valide cert from that page comes back again.

That phänomen is only with IE (on all computers), not with Firefox or chrome and only one page.

So turning off the webproxy from standard to transparent mode and the problem is gone.

I have no idea what causes this reaction. What causes the UTM proxy to replace a cert from an external page?

This thread was automatically locked due to age.

Parents

0 Michael Dunn over 5 years ago

If HTTP scanning is off then the proxy normally only replaces the certificate (does man-in-the-middle) if it needs to block access for some reason (either block or error). It does this to display a custom page to the user instead. For example if a page loads something that links to another HTTPS page for a domain that does not exist, the UTM will do a MITM to display a "web page cannot be found".

You would need to look at the httpproxy logs to know more.

If this is just a single site, you can create an exception for it.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Michael Dunn over 5 years ago

If HTTP scanning is off then the proxy normally only replaces the certificate (does man-in-the-middle) if it needs to block access for some reason (either block or error). It does this to display a custom page to the user instead. For example if a page loads something that links to another HTTPS page for a domain that does not exist, the UTM will do a MITM to display a "web page cannot be found".

You would need to look at the httpproxy logs to know more.

If this is just a single site, you can create an exception for it.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data