Hot!SSL Inspection question about the Option "Allow Invalid SSL Certificates"

Author
ipranger
Silver Member
  • Total Posts : 117
  • Scores: 2
  • Reward points: 0
  • Joined: 2012/11/13 11:49:10
  • Location: Austria/Steiermark
  • Status: offline
2020/07/05 15:31:46 (permalink)
0

SSL Inspection question about the Option "Allow Invalid SSL Certificates"

Hello all, 
 
i'am using here FortiOS 6.2.4 with deepinspection in Flow and Proxy based mode. A few weeks ago the great event was where there were problems with wrong or broken SSL certificates. Since then I have had problems with websites again and again.
 
For example "logoix.com". If i call the site i get an proxy error in flowbased mode. In proxybased  mode i get an error with an invalid ssl certificate. And there are a lot of site more. Normal sides, trusted sites. 
 
So if i check the box "Allow Invalid SSL Certificates" all websites work as usual. So what does it really mean? Becaues if i have a look at the certificate in the webbrowser, it look like ok. 
 
I've also read this:
https://docs.fortinet.com/document/fortigate/6.0.0/handbook/24449/ssl-ssh-inspection
https://kb.fortinet.com/kb/documentLink.do?externalID=FD40530
 
Thanks and best regards :)

Fortigate 60E v6.x (GA)
#1

1 Reply Related Threads

    ipranger
    Silver Member
    • Total Posts : 117
    • Scores: 2
    • Reward points: 0
    • Joined: 2012/11/13 11:49:10
    • Location: Austria/Steiermark
    • Status: offline
    Re: SSL Inspection question about the Option "Allow Invalid SSL Certificates" 2020/07/06 06:49:35 (permalink)

    Fortigate 60E v6.x (GA)
    #2
    Jump to:
    © 2020 APG vNext Commercial Version 5.5