Hot!Fortigate Certificate Popup when launching outlook

Author
sunny007
New Member
  • Total Posts : 5
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/05/29 07:59:34
  • Status: offline
2018/06/01 07:12:41 (permalink) 5.0
0

Fortigate Certificate Popup when launching outlook

We're having an issue where we're being asked for Certificate continuously when outlook is accessing office365.   The Fortigate is configured in explicit mode, and we've setup a address group and included fqdn of office 365 and allowed it on explicit policy rule and disabled SLL inspection. 
 
Like below: 
edit "Clone of office365"

set member 365_.microsoftonline-p.com 365_.microsoftonline.com 365_.onmicrosoft.com 365_.outlook.com 365_.public-trust.com 365_.sharepoint.com 365_.verisign.com 365_.verisign.net 365_appexsin.stb.s-msn.com 365_auth.gfx.ms 365_autodiscover 365_crl.microsoft 365_d.docs.live.net 365_evsecure-aia.verisign.com 365_evsecure-crl.verisign.com 365_evsecure-ocsp.verisign.com 365_go.microsoft.com 365_login.live.com 365_login.microsoftonline.com 365_m.webtrends.com 365_microsoft-my.sharepoint.com 365_ms.tific.com 365_msft.sts.microsoft.com 365_o15.officeredir.microsoft.com 365_odc.officeapps.live.com 365_odcsm.officeapps.live.com 365_office.microsoft.com 365_office15client.microsoft.com 365_officeimg.vo.msecnd.net 365_roaming.officeapps.live.com 365_sa.symcb.com 365_sd.symcb.com 365_smtp.office365.com 365_wer.microsoft.com outlook.office365.com outlook.office365.com.g.office365.com
set member 365_crl.microsoft 365_evsecure-ocsp.verisign.com 365_evsecure-aia.verisign.com 365_evsecure-crl.verisign.com evsecure-crl.verisign.com 365_sa.symcb.com 365_sd.symcb.com 365_office15client.microsoft.com 365_odc.officeapps.live.com 365_go.microsoft.com 365_login.microsoftonline.com 365_msft.sts.microsoft.com 365_odcsm.officeapps.live.com 365_microsoft-my.sharepoint.com 365_microsoft-my.sharepoint.com 365_ms.tific.com 365_roaming.officeapps.live.com 365_o15.officeredir.microsoft.com 365_office.microsoft.com 365_officeimg.vo.msecnd.net 365_m.webtrends.com 365_d.docs.live.net 365_login.live.com 365_auth.gfx.ms 365_wer.microsoft.com 365_appexsin.stb.s-msn.com 365_autodiscover
edit "365_crl.microsoft"

set type fqdn
set fqdn "crl.microsoft.com"
next
edit "365_evsecure-ocsp.verisign.com"

set type fqdn
set visibility disable
set fqdn "evsecure-ocsp.verisign.com"
next
edit "365_evsecure-aia.verisign.com"
 
Allowed this on Explicit Proxy policy and removed SLL inspection, but we still get the Popup
 
Sunny

Attached Image(s)

#1

0 Replies Related Threads

    Jump to:
    © 2018 APG vNext Commercial Version 5.5