It was set to "Certificate Inspection", which seems to be a default on our FG101F's, and that was causing the problem. The problem was the SSL inspection assigned to the firewall policy. The problem was, as lobstercreed suggested, the Fortigate was acting as a MiTM attack, intercepting the certificates of *some* sites for whatever reason (see attached image for what it would display). Only affected some sites, not all and happened out of the blue - absolutely NO changes (by us) were made to firewall, routing, DNS, etc.literally happened overnight. Where could I look in the settings on the Fortigate to investigate where the cert errors are originating? Thanks!!įor anyone else who has this issue, same thing happened to me just yesterday. I reversed the above and put the cables back into the Fortigate and again had the certificate problems reappear. So, fired up the router and put the outside on the WAN and the inside on the LAN1 port - gave it a minute and then went to the computer that had the difficulty and there were no longer any certificate errors at all. I have a linksys router configured to pass the traffic in and out of the network in case the Fortigate fails, etc. I noticed the error message reporting."Fortinet" wasn't installed properly on your computer or the network: NET::ERR_CERT_AUTHORITY_INVALID". This isn't an issue with any of the other 18 computers on the same network. The clock and global settings are correct, etc. I hopped onto the network and noticed the same thing right away.certificate errors. It's bare bones with 10 and Edge installed and that's about it. I decided to go ahead and bring it up to Windows 10, which is now complete. I noticed certificate errors almost everywhere I went. The computer had Windows 8.1 at the time. Recently, I decided to get one of them and install Windows 10 with the media installation download from Microsoft. For example, I have several spare machines that I can deploy into the building when necessary. From time-to-time and only on a very few machines (dell optiplex 790's etc.) I will encounter security issues when trying to see our library website, facebook, and other common legit sites. This has been an issue for quite sometime and I've put it on the back burner.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |