- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
03-22-2018 09:44 AM
Hello All,
I was just curious if anyone has encountered issues with Apple Mac devices and SSL decryption? We have users that are unable to perform an Internet Recovery over the network, but when they are off the network it works for them. This has only started since implenting SSL Decryption. We have excluded apple.com from SSL inspection but the issue still persists. Just curious if anyone has any ideas on other things to exclude?
Thank you!
03-22-2018 10:03 AM
No experience but in addition to apple.com also exclude *.apple.com
If it still fails then exclude decryption for specific IP that is performing Internet Recovery and check logs where it connected to.
03-22-2018 10:06 AM
Thank you for responding. We do have apple.comand *.apple.com but still not luck. I checked the logs and do not see any decryption errors. Saw a couple tcp-rst-from-client's in there but nothing really stands out.
03-22-2018 10:07 AM
have you tried adding *.apple.com to your no decrypt policy.
i do not use it but am aware that it uses :-
osrecovery.apple.com or oscdn.apple.com
so... I would have
apple.com and *.apple.com in your no-decrypt policy
03-22-2018 10:08 AM
oops... sorry late post...
03-22-2018 10:08 AM
Then I suggest to exclude this machine from decryption.
Run recovery.
Run report from Monitor > PDF Reports > User Activity Report to get whole connection pattern.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!