- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
07-27-2014 09:41 AM
HI FRIENDS,
Now days i am facing a challenge ssl decryption certificate. i have a create a ssl decryption policy for block few App -ID after SSL decryption we got certificate error client side any suggestion???
Regards
Satish
07-27-2014 10:30 AM
Please install certificate used for decryption on end users machine.
Add it to trusted root certificate list. Let me know if you need detailed instructions.
07-27-2014 10:33 AM
Hello Sathish,
Could you please confirm, if you are only getting a certificate warning or the web-page is not loading correctly. In case of a forward -proxy, if you use a self signed certificate, then it is expected. Because it will not match with existing certificate ring in web-page.
For example:
Secondly, there are a few applications which does not play well with decryption:
List of Applications Excluded from SSL Decryption
Please find below a reference DOC for SSL certificate: SSL Decryption Certificates
Hope this helps.
Thanks
07-27-2014 11:31 AM
Hi Hardik,
Is this possible without decryption cert installation on end users machine. with help of FW.if yes the how.Thanks for reply.
Regards
Satish
07-27-2014 11:37 AM
Hello Satish,
If you signed the certificate from a trusted CA i.e entrust, go-dady, then it will not throw any certificate warning. Else, you may push the certificate to the individual machine through a server ( in your network).
Thanks
07-27-2014 11:38 AM
Hi Hulk Bro..
I have other issue. i am try to block gtalk, facebook, youtube help of app-id. if i have create ssl decryption policy then its working fine but cert issue only. then i have install the cert in client pc after cert issue has been resolve but i am not able to block youtube gtalk. plz suggest.
Regards
Satish
07-27-2014 11:48 AM
This doc might help you to install the certificate into individual machines: How to Perform Client Certificate Install for SSL Decryption
As per my knowledge, google services will not play well with SSL decryption ( google chrome as a browser), hence, could you please try to access through a different browser ( mozilla, IE) and let us know the result.
Thanks
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!