MAC OS Decryption Issues

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

MAC OS Decryption Issues

L0 Member

Hello All,

 

I was just curious if anyone has encountered issues with Apple Mac devices and SSL decryption? We have users that are unable to perform an Internet Recovery over the network, but when they are off the network it works for them. This has only started since implenting SSL Decryption. We have excluded apple.com from SSL inspection but the issue still persists. Just curious if anyone has any ideas on other things to exclude?

 

Thank you!

 

5 REPLIES 5

Cyber Elite
Cyber Elite

No experience but in addition to apple.com also exclude *.apple.com

If it still fails then exclude decryption for specific IP that is performing Internet Recovery and check logs where it connected to.

Enterprise Architect, Security @ Cloud Carib Ltd
Palo Alto Networks certified from 2011

Thank you for responding. We do have apple.comand *.apple.com but still not luck. I checked the logs and do not see any decryption errors. Saw a couple tcp-rst-from-client's in there but nothing really stands out. 

L7 Applicator

have you tried adding *.apple.com to your no decrypt policy.

i do not use it but am aware that it uses :-

 

osrecovery.apple.com or oscdn.apple.com 

 

so... I would have

 

apple.com and *.apple.com in your no-decrypt policy

oops... sorry late post...

Then I suggest to exclude this machine from decryption.

Run recovery.

Run report from Monitor > PDF Reports > User Activity Report to get whole connection pattern.

Enterprise Architect, Security @ Cloud Carib Ltd
Palo Alto Networks certified from 2011
  • 3538 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!