Noyan_137135
Oct 14, 2015

APM Per-request policy does not directly show warning page when SSL is bypassed

Hello, I have created a per-request policy within an access profile assigned to SWG_Explicit_iApp_Template_v1.3. In this per-request policy I used URL-filter. This works when an HTTP request hits the filter and shows a "URL Filter Blocked Page" warning correctly, but when I send an HTTPS request that must hit the web-filter, it shows an SSL certificate warning at first. The policy is below:

 

What did I do wrong, or what am I missing?

 

6 Replies

  • Salim_83682
    Historic F5 Account

    Hi,

     

    Are you sure you are bypassing SSL? It sounds like the warning you get is from your own internal/test certificate used for HTTPS inspection and re-signing.

     

    Salim

     

  • I think the important question might be what is the SSL certificate warning. When you see the warning, open up the description and see who the cert is issued by. It'll either be issued by your local CA or by the remote (true) CA.

     

  • I used "SSL Bypass Set" to directly make the SSL handshake with the server, but I cannot be sure it bypasses SSL because yes, I used my test certificate at first. After that I changed this setting to default.crt in the iApp and tried again, but I still got "problem with the site certificate".

     

    For example, I added Facebook to the URL filter; it uses HTTPS, as we know. I expect to get the access policy warning directly, but I always get the site certificate warning before this.

     

  • I'm not sure I'm following you. What "access policy warning" are you expecting to see? When you get the SSL certificate warning, what does that server certificate look like? Is the Facebook server cert issued by the real remote CA or by your local CA? Where did you apply default.crt?

     

  • The expected access policy warning page is here:

     

    But before this page, I see this warning when an HTTPS request hits the URL filter:

     

  • So click on the red shield next to the address bar and look at the server cert's properties. Who issued this certificate?