Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
mla
New Contributor

certificate problem

Hi,

large environment...

Fortinet Firewalls and Proxy in top of the structure...

I do not manage or access them, but definitely can report about problem or the solution found to my issue.

 

The situation:

1. Outlook 365 in place. Most of the users accessing e-mail through Outlook web.

There are no problem when accessing e-mail using web browser. 

However, the users (including myself) who do use Outlook 2016 client experiencing the certificate error pop up on each Outlook opening and sometimes during the day even when it is opened.

Clicking Yes or No doesn't change the ability to use Outlook 2016.

Sure it is not a solution, but just to be sure I tried to install the Certificate for Current user and Local machine manually. If I had a certificate in hand, may be deploying by GPO could be a solution.

But with all being said, I have a feeling that the issue could be simply fixed on Fortinet proxy.

 

 2.  The info I am getting in the message is a bit confusing... the certificate is VALID, but "The security cert was issued by a company you have not chosen to trust..."

Sure that neither me nor other users not chosen to NOT trust this certificate :).

And the problem coming from "over the rainbow"... It was previously reported but no measures were taking... probably the person who checked the complain just didn't have a clear understanding.

 

I think that here on Fortinet forum I can get a clarification and the "cure" for the certificate issue.

 

Please see attached file.

I will appreciate any help.

 

Thanks.

2 REPLIES 2
Dave_Hall
Honored Contributor

If SSL deep-inspection is enabled you should be able to "*.onmicrosoft.com" added to the exemption list.  See https://cookbook.fortinet.com/default-exemptions-ssl-deep-inspection-profile/

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
mla
New Contributor

Thanks Dave. I will talk to Fortinet people. We'll see how it will ends up...

Labels
Top Kudoed Authors