https://live.paloaltonetworks.com/t5/general-topics/dectyption-issue/m-p/546585#M111707 <P>Hello,</P> <P>Also some websites do not like it when you decrypt them. I know a lot of the Microsoft sites are like this and its best to bypass decryption on them.</P> <P>&nbsp;</P> <P>Regards,</P> Tue, 20 Jun 2023 21:31:24 GMT OtakarKlier 2023-06-20T21:31:24Z https://live.paloaltonetworks.com/t5/general-topics/dectyption-issue/m-p/546352#M111671 <P>Dear Team!</P> <P>I got a problem with Decryption on some websites. For example admin.microsoft.com. When I try to open this website, the web browser gives me a simple white blank without any content in it. In this case, decryption is on. I saw the error, depending on the certificate chain of trust, and I follow the documentation and imported the missing certificate to Firewall and then to the end user machine, but, not fixed.</P> <P>&nbsp;</P> <P>This issue was in 10.1.7 and continues in 10.1.9 h2 I think. And, this problem the first time was faced while upgrading to 10.1.7.</P> <P>&nbsp;</P> <P>Any ideas?</P> <P>&nbsp;</P> Mon, 19 Jun 2023 06:05:16 GMT https://live.paloaltonetworks.com/t5/general-topics/dectyption-issue/m-p/546352#M111671 RovshanRajabli 2023-06-19T06:05:16Z https://live.paloaltonetworks.com/t5/general-topics/dectyption-issue/m-p/546472#M111699 <P>Hi <a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/227026">@RovshanRajabli</a> ,</P> <P>&nbsp;</P> <P>You might be running into <SPAN>bug behavior. </SPAN></P> <P><SPAN>I've seen this exact same behaviour when </SPAN><SPAN>http2 decrypted traffic was getting identified as unknown-tcp.&nbsp; Please check if that's the case or if it is being identified correctly.<BR /></SPAN></P> <P>&nbsp;</P> <P><SPAN>The root cause in my example was that each large http2 header holds a swbuf 4 until the end of the flow. This causes the swbuf 4 depletion.&nbsp; You can check this with the following command as well:<BR /></SPAN></P> <P>&nbsp;</P> <LI-CODE lang="markup">admin@Lab&gt; debug dataplane pool statistics | match "buffer 4"</LI-CODE> <P>&nbsp;</P> <P><SPAN>As a workaround you could try to strip ALPN for the website that causes the buffer depletion.</SPAN></P> <P>&nbsp;</P> <P><SPAN>That being said, I recommend grabbing a tech support file and have it analyzed by support in order to confirm if you are hitting this exact same bug or if you are experiencing a different issue.</SPAN></P> <P>&nbsp;</P> <P><SPAN>Kind regards,</SPAN></P> <P><SPAN>-Kim.</SPAN></P> Tue, 20 Jun 2023 11:27:05 GMT https://live.paloaltonetworks.com/t5/general-topics/dectyption-issue/m-p/546472#M111699 kiwi 2023-06-20T11:27:05Z https://live.paloaltonetworks.com/t5/general-topics/dectyption-issue/m-p/546585#M111707 <P>Hello,</P> <P>Also some websites do not like it when you decrypt them. I know a lot of the Microsoft sites are like this and its best to bypass decryption on them.</P> <P>&nbsp;</P> <P>Regards,</P> Tue, 20 Jun 2023 21:31:24 GMT https://live.paloaltonetworks.com/t5/general-topics/dectyption-issue/m-p/546585#M111707 OtakarKlier 2023-06-20T21:31:24Z