Hot!certificate problem

Author
mla
New Member
  • Total Posts : 3
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/01/17 06:52:45
  • Status: offline
2019/01/17 07:52:43 (permalink)
0

certificate problem

Hi,
large environment...
Fortinet Firewalls and Proxy in top of the structure...
I do not manage or access them, but definitely can report about problem or the solution found to my issue.
 
The situation:
1. Outlook 365 in place. Most of the users accessing e-mail through Outlook web.
There are no problem when accessing e-mail using web browser. 
However, the users (including myself) who do use Outlook 2016 client experiencing the certificate error pop up on each Outlook opening and sometimes during the day even when it is opened.
Clicking Yes or No doesn't change the ability to use Outlook 2016.
Sure it is not a solution, but just to be sure I tried to install the Certificate for Current user and Local machine manually. If I had a certificate in hand, may be deploying by GPO could be a solution.
But with all being said, I have a feeling that the issue could be simply fixed on Fortinet proxy.
 
 2.  The info I am getting in the message is a bit confusing... the certificate is VALID, but "The security cert was issued by a company you have not chosen to trust..."
Sure that neither me nor other users not chosen to NOT trust this certificate :).
And the problem coming from "over the rainbow"... It was previously reported but no measures were taking... probably the person who checked the complain just didn't have a clear understanding.
 
I think that here on Fortinet forum I can get a clarification and the "cure" for the certificate issue.
 
Please see attached file.
I will appreciate any help.
 
Thanks.
post edited by mla - 2019/01/17 11:11:24

Attached Image(s)

#1

2 Replies Related Threads

    Dave Hall
    Expert Member
    • Total Posts : 1477
    • Scores: 163
    • Reward points: 0
    • Joined: 2012/05/11 07:55:58
    • Location: Canada
    • Status: offline
    Re: certificate problem 2019/01/17 14:16:52 (permalink)
    0
    If SSL deep-inspection is enabled you should be able to "*.onmicrosoft.com" added to the exemption list.  See https://cookbook.fortinet.com/default-exemptions-ssl-deep-inspection-profile/

    NSE4/FMG-VM64/FortiAnalyzer-VM/5.4/6.0 (FWF40C/FW92D/FGT200D/FGT101E)/ FAP220B/221C
    #2
    mla
    New Member
    • Total Posts : 3
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/01/17 06:52:45
    • Status: offline
    Re: certificate problem 2019/01/21 11:12:14 (permalink)
    0
    Thanks Dave. I will talk to Fortinet people. We'll see how it will ends up...
    #3
    Jump to:
    © 2019 APG vNext Commercial Version 5.5