[7.900][BUG][FIXED] passthrough.fw-notify.net problems when adding certificate except.

Hi,

Setup: transparent http proxy with https interception, 7.900, Google Chrome browser (though this is not a browser problem)
What causes the bug: accessing https://management.froscon.de/rt/ and trying to add an ssl exception

What happens:
Error for self signed certificate is shown:

Untrusted Website	

	

While trying to retrieve the URL:	194.95.66.66 (Add exception for this URL)

Status	self signed certificate in certificate chain

Subject	/CN=management.froscon.de

When trying to add an exception the URL http://passthrough.fw-notify.net/admin/addsslexception?https://194.95.66.66 generates an error:

While trying to retrieve the URL:	passthrough.fw-notify.net/.../addsslexception

Error message:	Invalid URL received

Your cache administrator is:	

christianlouis@gmail.com

HTTP log as follows:

"

2010:04:03-02:05:30 asgv8 httpproxy[29276]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="" srcip="192.168.0.143" dstip="" user="" statuscode="403" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction=" ()" size="6300" time="0 ms" request="0x99c7690" url="194.95.66.66" exceptions="" error="self signed certificate in certificate chain"

2010:04:03-02:05:30 asgv8 httpproxy[29276]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="" srcip="192.168.0.143" dstip="" user="" statuscode="403" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction=" ()" size="6300" time="0 ms" request="0x99c7690" url="194.95.66.66" exceptions="" error="self signed certificate in certificate chain"

2010:04:03-02:05:33 asgv8 httpproxy[29276]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="192.168.0.143" dstip="" user="admin" statuscode="500" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction=" ()" size="4671" time="0 ms" request="0x99c7690" url="passthrough.fw-notify.net/.../addsslexception

2010:04:03-02:05:33 asgv8 httpproxy[29276]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="192.168.0.143" dstip="" user="admin" statuscode="404" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction=" ()" size="4603" time="0 ms" request="0x99c7690" url="passthrough.fw-notify.net/favicon.ico" exceptions="" error="File not found"

If I add passthrough.fw-notify.net to the skiplist it gets even worse. Then passthrough.fw-notify.net is publicly resolved to 15.telemaxx.net:

404 Not Found

Not Found

The requested URL /admin/addsslexception was not found on this server.

Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.10 with Suhosin-Patch mod_ssl/2.2.8 OpenSSL/0.9.8g mod_perl/2.0.3 Perl/v5.8.8 Server at passthrough.fw-notify.net Port 80

Strange, eh?

Christian

Parents

0 Astaro Beta Bot over 15 years ago

Astaro Beta Report
--------------------------------
Version: 7.900
Type: BUG
State: CLOSED/FIXED
Reporter: christianlouis
Contributor: 
MantisID: 13282
Target version: 7.902
Fixed in version: 7.902
--------------------------------

0 cstich over 15 years ago in reply to Astaro Beta Bot

I am able to reproduce this error.

By the way:
To add an exception for the "passthrough" url will not fix the issue.

Workaround:
Add an Host Object or DNS Host for the host management.froscon.de.
Then add this object to the Transpartent mode skiplist (HTTP/S > Advanced).
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 cstich over 15 years ago in reply to Astaro Beta Bot

I am able to reproduce this error.

By the way:
To add an exception for the "passthrough" url will not fix the issue.

Workaround:
Add an Host Object or DNS Host for the host management.froscon.de.
Then add this object to the Transpartent mode skiplist (HTTP/S > Advanced).
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

No Data