This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
Accept
Reject

Facebook is not displaying its page/images properly when SSL Decryption is enabled

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Facebook is not displaying its page/images properly when SSL Decryption is enabled

AKamal
L0 Member

‎06-19-2013 01:42 AM

Facebook is not displaying its page/images properly when SSL Decryption is enabled

any ideas why ?

*Note: I have a rule allowing ANY destination with ANY application with ANY service, also another rule i tried was with ANY destination with Explicitly allowing all facebook applications on service ANY, and yet it didn't work.

My SSL Forward certificate is 1024-bit sha-1

pa-ssl-decryption.jpg

Labels:
0 Likes Likes
7 REPLIES 7

mikand
L6 Presenter
In response to JRussell

‎06-20-2013 01:20 AM

Unless the bank uses a client cert (which very few does) - how would the bank be able to detect that the ssl traffic is being intercepted at the client end according to you ?

Regarding the Facebook problem - verify if they only accept TLS 1.1 or newer? If so then PA might lack support to handle TLS 1.1 and newer ssl based communication.

JRussell
L3 Networker
In response to mikand

‎06-20-2013 01:32 AM

Well perhaps I should have quantified that statement a little bit. OUR banking sites don't like it when the traffic is decrypted before getting to the end point. And yes, ours does use Cert. We have a card reader that we have to pull the certs from a card they send us to get it to all work properly. But that is getting a bit off topic.

All I was suggesting is to try a no-decrypt rule to see if that allows him through as that is what worked for me in other cases. Not facebook though as we block that across the board.

AKamal
L0 Member

‎06-24-2013 07:46 AM

Thanks , &

I specified in my decryption rule to match on all categories (I added them all explicitly)

I tried with IE, Chrome & Firefox and seems that the problem is with Firefox only!

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Copyright 2007 - 2023 - Palo Alto Networks