So we have a couple hosts where we use a Wildcard SSL and I noticed that in our URL filtering, it shows up as *.domain.com (application SSL) rather than service1.domain.com and service2.domain.com
I've been trying to troubleshoot an issue where we use a whitelist for a certain business unit and we have service1.domain.com listed in the access URL list, but they keep getting dropped. Is the short term solution just to add *.domain.com to get around this issue?
Long term, I would think there has to be a differen solution, considering how prevalent Wildcard SSL cert are today.Just our organization alone, we probably will have 20 hosts, all using the same certificate. We need to be able to identify the traffic by the correct URL.
for the whitelist, I ended up just adding the url *.domain.com to allow connections to wildcarded SSL hosts to work.
However, I think PAN should work on a better method of identifying the actual URL, rather than the listing the wildcard SSL in the logs.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!