Hot!Is SSL Deep Inspection screwing up the certification path?

Author
sw2090
Expert Member
  • Total Posts : 783
  • Scores: 58
  • Reward points: 0
  • Joined: 2017/06/14 01:27:25
  • Location: Regensburg
  • Status: offline
2020/09/07 04:04:22 (permalink)
0

Is SSL Deep Inspection screwing up the certification path?

I just ran into this.
 
I have https://dealerportal.piaggiogroup.com
If I open this in Browser without Deep Inspection enabled and look into the certification path I see:
 
DigiCert => DigiCert SHA2 Secure Server CA => dealerportal.piaggiogroup.com
 
If I do the same with Deep Inspection enabled I see:
 
<mycompany CA> => <suboridinary CA of company CAused by Deep Inspection> => dealerportal.piaggiogroup.com.
DigiCert plus the following intermediate CA seem to be gone
My Browser then complains that the certificate of dealerportal.piaggiogroup.com does not have a valid digital sigature...
 
Did anyone else encounter this to?
I also openend a ticket with TAC on this.
 
Greetings
Sebastian
#1

2 Replies Related Threads

    sw2090
    Expert Member
    • Total Posts : 783
    • Scores: 58
    • Reward points: 0
    • Joined: 2017/06/14 01:27:25
    • Location: Regensburg
    • Status: offline
    Re: Is SSL Deep Inspection screwing up the certification path? 2020/09/09 23:26:14 (permalink)
    0
    To give an update:
     
    In my test environment here at HQ it does not. But it did on productive FGT.
    Still investigating on...
    #2
    mcdaniels
    Bronze Member
    • Total Posts : 56
    • Scores: 1
    • Reward points: 0
    • Joined: 2013/05/15 05:29:31
    • Status: offline
    Re: Is SSL Deep Inspection screwing up the certification path? 2020/10/07 09:46:55 (permalink)
    0
    And you do exactly the same in your test environment?
    #3
    Jump to:
    © 2020 APG vNext Commercial Version 5.5