This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

HTTPS scanning and ebay

Hi All

I 've enabled HTTPS scanning and most of the sites work as expected (I've just imported the HTTPS CA using mmc). I've tested downloading eicar using https and astaro blocked it.

However, for some reason ebay.co.uk doesn't work. I;ve tried to add it to my exception(checking the https boxes) as "ebay.co.uk" ,"ebay.com","ebay" but it doesn't work.

It is strange cause ebay.com works fine. I think this happens because the cert of ebay.co.uk is the ebay.com. I 've attached the relevant pics

Any ideas guys?

This thread was automatically locked due to age.

0 rfcat_vk over 14 years ago

Hi,
I just connected to ebay.co.uk without any problems.

I did have a lot of problems with certificates when I upgraded from 7.490 to 7.500, all my certificates were invalid.

Ian M

XG115W - v20.0.2 MR-2 - Home

XG on VM 8 - v21 EAP

If a post solves your question please use the 'Verify Answer' button.
Cancel
Vote Up 0 Vote Down

Cancel
0 wingman over 14 years ago

thanks Ian

I can connect to ebay.com with no issues but i am stil getting the cert error on ebay.co.uk
I added "ebay" under the https exceptions so I would assume that I shouldn't get the error

I don't believe it's a cert issue since all other website work fine (i.e paypal,hotmail,windows update etc)
Cancel
Vote Up 0 Vote Down

Cancel

0 wingman over 14 years ago

update: I've added the exception *ebay./ and now ebay is not scanned for https

However, if you guys have it working I would like to know how and why it's only ebay.co.uk that doesn't work and prompts for a certification

Is the message below normal ?

2009:10:04-00:50:15 stuffman httpproxy[19483]: [ (nil)] confd_exception_filter (confd-client.c:1567) compilation of pattern "*ebay./" failed, position 0: nothing to repeat

2009:10:05-22:06:33 stuffman httpproxy[30328]: [ 0x83f7578] ssl_log_errors (ssl.c:41) C: 30328:error:140ED0E5:SSL routines:SSL23_PEEK:ssl handshake failure:s23_lib.c:165:

0 wingman over 14 years ago

ebay.co.uk still doesn't work

I am getting the following error


2009:10:08-21:01:41 stuffman httpproxy[5727]: [ 0x81b4fb0] ssl_cert_read (ssl.c:122) certificate invalid, removing

2009:10:08-21:01:41 stuffman httpproxy[5727]: [ 0x81b4fb0] ssl_certcache_lookup (ssl.c:409) failed to read cert: Invalid argument

0 wingman over 14 years ago

issue fixed

I've browsed to a https with wrong certificate and -as you can see by the pic attached- I had the option to add an exception.

I've noticed that the url should have "^" in order to work

example for alowing ebay.co.uk is

^https://signin.ebay.co.uk
- Capture.PNG
- View
- Hide
Cancel
Vote Up 0 Vote Down

Cancel

0 wingman over 14 years ago

update:

after reboting my pc I am still getting the certificate page on ebay.co.uk

Relevant log:

2009:10:11-18:34:03 stuffman httpproxy[15845]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="" statuscode="301" cached="0" profile="REF_feefDrZrCB (Zone 1)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="0" time="585 ms" request="0xa7de2020" url="ebay.co.uk/.../Classifieds"

2009:10:11-18:34:05 stuffman httpproxy[15845]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="" statuscode="200" cached="0" profile="REF_feefDrZrCB (Zone 1)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="37949" time="1501 ms" request="0xa7d596e8" url="www.ebay.co.uk/.../html"

2009:10:11-18:34:07 stuffman httpproxy[15845]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="" statuscode="200" cached="0" profile="REF_feefDrZrCB (Zone 1)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="10189" time="1396 ms" request="0xa7de2020" url="srx.uk.ebayrtm.com/rtm

2009:10:11-18:34:09 stuffman httpproxy[15845]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="" statuscode="200" cached="0" profile="REF_feefDrZrCB (Zone 1)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="799" time="963 ms" request="0xa7dfd300" url="uk.ebayobjects.com/.../html"

2009:10:11-18:34:09 stuffman httpproxy[15845]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="" statuscode="304" cached="0" profile="REF_feefDrZrCB (Zone 1)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="0" time="755 ms" request="0xa53162f0" url="deals.ebay.co.uk/.../Classifieds"

2009:10:11-18:34:09 stuffman httpproxy[15845]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="" statuscode="200" cached="0" profile="REF_feefDrZrCB (Zone 1)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="690" time="1227 ms" request="0xa7d68128" url="uk.ebayobjects.com/.../html"

2009:10:11-18:34:13 stuffman httpproxy[15845]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="POST" srcip="192.168.2.11" user="" statuscode="200" cached="0" profile="REF_feefDrZrCB (Zone 1)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="63" time="913 ms" request="0xa531c678" url="clients4.google.com/.../

2009:10:11-18:34:16 stuffman httpproxy[15845]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="" statuscode="200" cached="0" profile="REF_feefDrZrCB (Zone 1)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="16679" time="976 ms" request="0xa7dfd008" url="signin.ebay.co.uk/.../eBayISAPI.dll

2009:10:11-18:34:19 stuffman httpproxy[15845]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="" statuscode="200" cached="0" profile="REF_feefDrZrCB (Zone 1)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="383" time="631 ms" request="0xa7d68128" url="srv.uk.ebayrtm.com/rtm

2009:10:11-18:34:20 stuffman httpproxy[15845]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="" statuscode="200" cached="2" profile="REF_feefDrZrCB (Zone 1)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="1478" time="762 ms" request="0xa7d7fad0" url="secureinclude.ebaystatic.com/.../x-shockwave-flash"

0 Sascha Paris over 14 years ago in reply to wingman

This is fascinating. Same issue happens here, when i try to use my bookmarked direct https link to ebay ==> https://www.ebay.ch

Problem is, that the ebay servers are loadbalanced (multiple IP's behind FQN), and every new request lands on a new server. 2nd Problem, the certificate warning will popup, because in the certificate is not the hostname as CN, there is always another IP of ebay in there.

But when I open ebay via HTTP and go from there to login, it works flawlessly...then the servers also issue me a certificate with correct FQN as CN.

Strange...
Cancel
Vote Up 0 Vote Down

Cancel
0 wingman over 14 years ago

I had the same issue and The worked around was to add an exception for the Ebay network. The problem I am facing is that if I try eBay - The UK's Online Marketplace and tr to sign in, the Certification fails as it is signed as signin.ebay.com. I have this issue only with co.uk website.

Any ideas how to resolve it?
Cancel
Vote Up 0 Vote Down

Cancel
0 Sascha Paris over 14 years ago in reply to wingman

I got for me with transparent http/s Proxy following workaround which seems to work so far.

Create 2 DNS Groups
1 DNS Group for signin.ebay.com (always needed)
1 DNS Group for your local top level domain(s) which you use to log in into ebay (for me signin.ebay.ch in Switzerland)

Put these 2 DNS groups in the transparent skiplist of the HTTP/S Proxy

This way i can login without these certificate warnings, and ebay seems to work fine as far as I have tested.

Hope this helps you guys with this ebay issue. [:)]
Cancel
Vote Up 0 Vote Down

Cancel
0 NicolasPerrot1 over 14 years ago in reply to Sascha Paris

I got for me with transparent http/s Proxy following workaround which seems to work so far.

Create 2 DNS Groups
1 DNS Group for signin.ebay.com (always needed)
1 DNS Group for your local top level domain(s) which you use to log in into ebay (for me signin.ebay.ch in Switzerland)

Put these 2 DNS groups in the transparent skiplist of the HTTP/S Proxy

This way i can login without these certificate warnings, and ebay seems to work fine as far as I have tested.

Hope this helps you guys with this ebay issue. [:)]

I tried this solution. For the beginning it works. After a couple of hours the warnings come back.

I delete the two entries from skiplist and add them again .... and it works fine for again some hours .... then certificate error again.

I don't know what to do. I have the problem only with ebay.

It's no browser-cache-problem ! Unbeliveable !

Any solutions ?
Cancel
Vote Up 0 Vote Down

Cancel