Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 13 replies
  • Subscribers 1 subscriber
  • Views 12989 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

HTTPS Proxy Java Update fails

Der_Stift
Hi,

we do have the webfilter https proxy enabled. and our clients wont get any java updates. 
When I clieck on Java Update, the Certficate shows up (CA is our UTM, Owner is oracle.com) so I click yes accept the certificate and nothing happens. 

I added akamaitechnologies, java, oracle and sun as DNS-Group to the webfilter->advanced-> transparent mode exceptions and I disabled all Cert Checks for this 3 hosts as well. I dont get any information in the webfilter-logs. So I guess that oracle doesnt accept our selfsigned cert.

Any idea?

Regards


This thread was automatically locked due to age.
Parents
  • 0
    You are correct.  Because of the way DNS works, there's no way to query for all IPs of all subdomains of a domain.  I think there's a feature request that suggests creating a new definition type for the transparent mode skiplist that uses reverse DNS.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    You are correct.  Because of the way DNS works, there's no way to query for all IPs of all subdomains of a domain.  I think there's a feature request that suggests creating a new definition type for the transparent mode skiplist that uses reverse DNS.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • 0 in reply to BAlfson
    I'm having another problem with Java Update.

    I added javadl-esd-secure.oracle.com to my transparent skiplist. The problem now is, that we included .msi to our blocked file extensions but the Java Update is a .msi

    Can I set a exclusion just for javadl-esd-secure.oracle.com and .msis from there?

    thanks in advance

    Max

    the new sophos board sucks... :-( please give us the old one back.

Unfiltered HTML