Just playing around with some of the Astaro settings.....If I select scan https traffic I get some sites that return an invalid certificate errors yet on some other sites that are also using a SSL connection don't return the error. If I turn off the https scanning then the sites work as per normal. I use https for Gmail and it is one of the sites that returns the invalid certificate error if someone else wants to check it.
Just playing around with some of the Astaro settings.....If I select scan https traffic I get some sites that return an invalid certificate errors yet on some other sites that are also using a SSL connection don't return the error. If I turn off the https scanning then the sites work as per normal. I use https for Gmail and it is one of the sites that returns the invalid certificate error if someone else wants to check it.
that's because when you turn on https scanning you insert hte firwall into the encryption stream.
What happens is the astaro sees the ssl connect attempt..it intercepts that and terminates it at the firewall using it's own internal certificate. The firewall then establishes an ssl connection to your gmail account. Now everything you send is decrypted by the firewall..scanned in plaintext, re-encrypted and sent to gmail. The same process is done in return form gmail to you. Because there's another certificate involved you'll usually get the certificate errors.
I am in the slim minority that sees this as a huge issue..[:)]
Just playing around with some of the Astaro settings.....If I select scan https traffic I get some sites that return an invalid certificate errors yet on some other sites that are also using a SSL connection don't return the error. If I turn off the https scanning then the sites work as per normal. I use https for Gmail and it is one of the sites that returns the invalid certificate error if someone else wants to check it.
that's because when you turn on https scanning you insert hte firwall into the encryption stream.
What happens is the astaro sees the ssl connect attempt..it intercepts that and terminates it at the firewall using it's own internal certificate. The firewall then establishes an ssl connection to your gmail account. Now everything you send is decrypted by the firewall..scanned in plaintext, re-encrypted and sent to gmail. The same process is done in return form gmail to you. Because there's another certificate involved you'll usually get the certificate errors.
I am in the slim minority that sees this as a huge issue..[:)]
