Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 13 replies
  • Subscribers 1 subscriber
  • Views 6367 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

HTTPS scanning and ebay

wingman
Hi All

I 've enabled HTTPS scanning and most of the sites work as expected (I've just imported the HTTPS CA using mmc). I've tested downloading eicar using https and astaro blocked it.

However, for some reason ebay.co.uk doesn't work. I;ve tried to add it to my exception(checking the https boxes) as "ebay.co.uk" ,"ebay.com","ebay" but it doesn't work.

It is strange cause ebay.com works fine. I think this happens because the cert of ebay.co.uk is the ebay.com. I 've attached the relevant pics

Any ideas guys?


This thread was automatically locked due to age.
Parents
  • 0
    update:

    after reboting my pc I am still getting the certificate page on ebay.co.uk

    Relevant log: 

    2009:10:11-18:34:03 stuffman httpproxy[15845]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="" statuscode="301" cached="0" profile="REF_feefDrZrCB (Zone 1)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="0" time="585 ms" request="0xa7de2020" url="ebay.co.uk/.../Classifieds"

    2009:10:11-18:34:05 stuffman httpproxy[15845]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="" statuscode="200" cached="0" profile="REF_feefDrZrCB (Zone 1)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="37949" time="1501 ms" request="0xa7d596e8" url="www.ebay.co.uk/.../html"

    2009:10:11-18:34:07 stuffman httpproxy[15845]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="" statuscode="200" cached="0" profile="REF_feefDrZrCB (Zone 1)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="10189" time="1396 ms" request="0xa7de2020" url="srx.uk.ebayrtm.com/rtm

    2009:10:11-18:34:09 stuffman httpproxy[15845]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="" statuscode="200" cached="0" profile="REF_feefDrZrCB (Zone 1)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="799" time="963 ms" request="0xa7dfd300" url="uk.ebayobjects.com/.../html"

    2009:10:11-18:34:09 stuffman httpproxy[15845]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="" statuscode="304" cached="0" profile="REF_feefDrZrCB (Zone 1)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="0" time="755 ms" request="0xa53162f0" url="deals.ebay.co.uk/.../Classifieds"

    2009:10:11-18:34:09 stuffman httpproxy[15845]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="" statuscode="200" cached="0" profile="REF_feefDrZrCB (Zone 1)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="690" time="1227 ms" request="0xa7d68128" url="uk.ebayobjects.com/.../html"

    2009:10:11-18:34:13 stuffman httpproxy[15845]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="POST" srcip="192.168.2.11" user="" statuscode="200" cached="0" profile="REF_feefDrZrCB (Zone 1)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="63" time="913 ms" request="0xa531c678" url="clients4.google.com/.../

    2009:10:11-18:34:16 stuffman httpproxy[15845]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="" statuscode="200" cached="0" profile="REF_feefDrZrCB (Zone 1)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="16679" time="976 ms" request="0xa7dfd008" url="signin.ebay.co.uk/.../eBayISAPI.dll

    2009:10:11-18:34:19 stuffman httpproxy[15845]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="" statuscode="200" cached="0" profile="REF_feefDrZrCB (Zone 1)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="383" time="631 ms" request="0xa7d68128" url="srv.uk.ebayrtm.com/rtm

    2009:10:11-18:34:20 stuffman httpproxy[15845]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.2.11" user="" statuscode="200" cached="2" profile="REF_feefDrZrCB (Zone 1)" filteraction="REF_DefaultHTTPCFFBlockAction (Zone 1)" size="1478" time="762 ms" request="0xa7d7fad0" url="secureinclude.ebaystatic.com/.../x-shockwave-flash"
  • 0 in reply to wingman
    This is fascinating. Same issue happens here, when i try to use my bookmarked direct https link to ebay ==> https://www.ebay.ch

    Problem is, that the ebay servers are loadbalanced (multiple IP's behind FQN), and every new request lands on a new server. 2nd Problem, the certificate warning will popup, because in the certificate is not the hostname as CN, there is always another IP of ebay in there.

    But when I open ebay via HTTP and go from there to login, it works flawlessly...then the servers also issue me a certificate with correct FQN as CN.

    Strange...
Reply
  • 0 in reply to wingman
    This is fascinating. Same issue happens here, when i try to use my bookmarked direct https link to ebay ==> https://www.ebay.ch

    Problem is, that the ebay servers are loadbalanced (multiple IP's behind FQN), and every new request lands on a new server. 2nd Problem, the certificate warning will popup, because in the certificate is not the hostname as CN, there is always another IP of ebay in there.

    But when I open ebay via HTTP and go from there to login, it works flawlessly...then the servers also issue me a certificate with correct FQN as CN.

    Strange...
Children
No Data
Unfiltered HTML