Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
lhsit
New Contributor III

Getting Certificate errors after upgrade to 6.2.x

Hi All,

we recently upgrade the firmware to 6.2.2, then to 6.2.4.  Now, we are getting random certificate errors when trying to visit websites.  It doesn't happen all the time, just every now and then, and for totally different sites.  However, it's always the same, with an "UNKNOWN ISSUER" error on the certificate, which appears to have been "issued" by Fortinet.

 

We don't do DPI, we only have "certificate inspection" on our web filtering rules.

The error is highlighted in the attached image.  Even though the cert is for itunes.apple.com it appears to have been issued by fortinet.

 

Any help would be appreciated.

Regards,

Chris.

3 REPLIES 3
emnoc
Esteemed Contributor III

Did you "diag debug flow" when accessing that website and what does the output show ? And how is you web filter rules for that site and what is allowed or not allowed?

 

Also open a new browser in incognito does it do the same error?

 

Ken Felix

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
lhsit
New Contributor III

Hi Ken,

thanks for the response.  Unfortunately the errors are random and they come and go.  I will try the incognito window idea to see if that reduces the incidence of errors.

Cheers,

Chris.

laf
New Contributor II

lhsit wrote:

Hi Ken,

thanks for the response.  Unfortunately the errors are random and they come and go.  I will try the incognito window idea to see if that reduces the incidence of errors.

Cheers,

Chris.

Did you find anything in the meantime?

The most expensive and scarce resource for man is time, paradoxically, it' s infinite.

The most expensive and scarce resource for man is time, paradoxically, it' s infinite.
Labels
Top Kudoed Authors