Just playing around with some of the Astaro settings.....If I select scan https traffic I get some sites that return an invalid certificate errors yet on some other sites that are also using a SSL connection don't return the error. If I turn off the https scanning then the sites work as per normal. I use https for Gmail and it is one of the sites that returns the invalid certificate error if someone else wants to check it.
Which logfile contains the invalid certificate error? All my https failures in the content proxy log looks like this unless I add my clients to the skiplist:
2009:01:04-21:00:32 another httpproxy[7244]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="POST" srcip="192.168.158.33" user="" statuscode="502" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="0" time="62323 ms" request="0x8108768" url="www.astaro.org/login.php
My concern is that Astaro is giving different results for ssl connections. I would expect that Astaro would make the web browser return a certificate error for every secure site you visit. When I visit my personal banking site which uses an ssl connection I do not get a certificate error and the page displays normally. As for adding a certificate excemption....this seems like a bad idea as I want the protection that the certificate provides (think of all the hacking DNS issues lately).
My concern is that Astaro is giving different results for ssl connections. I would expect that Astaro would make the web browser return a certificate error for every secure site you visit. When I visit my personal banking site which uses an ssl connection I do not get a certificate error and the page displays normally. As for adding a certificate excemption....this seems like a bad idea as I want the protection that the certificate provides (think of all the hacking DNS issues lately).
