Hot!HTTPS Sites dont show block correctly

Author
jase888
Bronze Member
  • Total Posts : 26
  • Scores: 2
  • Reward points: 0
  • Joined: 2018/10/04 01:58:11
  • Status: offline
2019/08/12 03:47:32 (permalink)
0

HTTPS Sites dont show block correctly

If a user goes to a HTTPS site it doesnt automatically come up with a Fortigate blocked this website warning. The user has to click the site not secure warning then it shows it. Is there something I haven't setup correct?
 
 
#1

1 Reply Related Threads

    sw2090
    Gold Member
    • Total Posts : 396
    • Scores: 21
    • Reward points: 0
    • Joined: 2017/06/14 01:27:25
    • Location: Regensburg
    • Status: offline
    Re: HTTPS Sites dont show block correctly 2019/08/12 06:24:51 (permalink)
    0
    That looks like if you are usng the Fortinet defaultcertificate or some other Certifacte Authority that is not trusted by browsers per default.
    To inspect and block https you must do somewhat man in the middle. You need to decrypt traffic look at it and recrypt it to deliver it. And you cannot do that with the certificate origninally used because you don't have the key.
    Also if the blocking page is delivered via https the FortiGate will have to crypt it with a certificate. 
    So you either need to install a trusted certificate onto your Fortigate to use it for encryption or you have to make your browser trust the existing one.
    #2
    Jump to:
    © 2019 APG vNext Commercial Version 5.5