SSL Decryption Certificate Issues

Reply
L1 Bithead

SSL Decryption Certificate Issues

I have created the SSL decryption certificate and applied it using group policy. When testing I have several workstations that work with no issue but many others that recieve certificate errors. I cannot find any difference in the browser setup, the SSL certificate is in the workstation trusted root store where it should be. It looks like a 50/50 success rate. Windows 10 workstations, some on 1809 and some on 1903 with the same mixed results. I am at a loss, anybody had this issue?

L7 Applicator

Re: SSL Decryption Certificate Issues

@Millette,

What browser are you using for these tests? Some browsers will not, by default, look at the machines certificate store and will use their own. 

L1 Bithead

Re: SSL Decryption Certificate Issues

IE is our primary browser but we also use Chrome.

L1 Bithead

Re: SSL Decryption Certificate Issues

So I believe I amy have to solution figured out. In the certificate options there is a box for root certificate. None of the instructions I read referenced that, but after checking that and re-deploying the certificate my sucess rate is 100%.

Highlighted
L7 Applicator

Re: SSL Decryption Certificate Issues

@Millette,

Odd that the guide you were following left that out, as it's a requirement to get this to function correctly. If you allow the installation of Firefox you'll also need to utilize the ESR version or do a little bit of manual work for FireFox to trust your cert; by default FireFox will not read the Windows cert store.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!