https://live.paloaltonetworks.com/t5/general-topics/wildcard-ssl/m-p/21087#M15391 <HTML><HEAD></HEAD><BODY><P>for the whitelist, I ended up just adding the url *.domain.com to allow connections to wildcarded SSL hosts to work.</P><P></P><P>However, I think PAN should work on a better method of identifying the actual URL, rather than the listing the wildcard SSL in the logs.</P></BODY></HTML> Sun, 23 Jan 2011 00:05:41 GMT camkim_MDEA 2011-01-23T00:05:41Z https://live.paloaltonetworks.com/t5/general-topics/wildcard-ssl/m-p/21086#M15390 <HTML><HEAD></HEAD><BODY><P>So we have a couple hosts where we use a Wildcard SSL and I noticed that in our URL filtering, it shows up as *.domain.com (application SSL) rather than service1.domain.com and service2.domain.com</P><P></P><P>I've been trying to troubleshoot an issue where we use a whitelist for a certain business unit and we have service1.domain.com listed in the access URL list, but they keep getting dropped. Is the short term solution just to add *.domain.com to get around this issue?</P><P></P><P>Long term, I would think there has to be a differen solution, considering how prevalent Wildcard SSL cert are today.Just our organization alone, we probably will have 20 hosts, all using the same certificate. We need to be able to identify the traffic by the correct URL.</P></BODY></HTML> Wed, 19 Jan 2011 16:35:06 GMT https://live.paloaltonetworks.com/t5/general-topics/wildcard-ssl/m-p/21086#M15390 camkim_MDEA 2011-01-19T16:35:06Z https://live.paloaltonetworks.com/t5/general-topics/wildcard-ssl/m-p/21087#M15391 <HTML><HEAD></HEAD><BODY><P>for the whitelist, I ended up just adding the url *.domain.com to allow connections to wildcarded SSL hosts to work.</P><P></P><P>However, I think PAN should work on a better method of identifying the actual URL, rather than the listing the wildcard SSL in the logs.</P></BODY></HTML> Sun, 23 Jan 2011 00:05:41 GMT https://live.paloaltonetworks.com/t5/general-topics/wildcard-ssl/m-p/21087#M15391 camkim_MDEA 2011-01-23T00:05:41Z