
HTTPS scan and decrypt

Hello Community...

I am trying to run the HTTPS scan and decrypt feature on my UTM box in transparent mode. I've found a guide on the Sophos web pages on how to enable it and import the certificate. I am not able to get it running on an iOS device. In the logs I always see something like this:

"http" request="(nil)" function="read_request_headers" file="request.c" line="1586" message="Read error on the http handler 80 (Input/output error)"

I've checked to skip certificate checks under the exception tab and also imported the certificate from https://passthrough.fw-notify.net/cacert.pem into the iOS devices, but unfortunately without luck... so do you have any advice?

 

After some deeper investigation I've found that most of the stuff is not working after importing the certificate and enabling HTTPS decrypt and scan... Skype is not working, iTunes, Evernote, WebEx, etc... a lot of content is simply blocked and not displayed... spending another day troubleshooting and it makes me nuts... I think... this UTM feature simply doesn't work... or I am really LAME...

 

Can you please help me with what I am doing wrong? As I mentioned, web protection is enabled in transparent mode and running UTM 9.5

 

Thank you.



This thread was automatically locked due to age.
  • Hi, Jan, and welcome to the UTM Community!

    If this is for home use, I would choose 'URL filtering only' for now so that you can learn more about the UTM.  Instead of diving into the weeds with this now, save it for later.

    Cheers - Bob

  • Bob,

    I have been using UTM for a couple of years now, since the time of Astaro, so I know a lot about it... would you like to tell me that if I have an enterprise product (hardware) from Sophos, HTTPS scan and decrypt would behave differently? As far as I know, the only difference between enterprise features and home UTM is the limitation to 50 IPs. And no, URL filtering only is not acceptable for me and I'd like to use scan and decrypt...

  • UTM will behave the same on hardware or home software version.

    I think what Bob meant was that decrypt and scan can (and most likely will) interfere with several HTTPS sites and/or applications. Sometimes because an application uses port 443 but doesn't follow the exact specs of HTTPS, and then the app breaks if a proxy in between intercepts traffic.

    Dealing with this will upon initialization of the feature require you to dig through logfiles and adjust exceptions until everything works the way it should be.

  • My apologies, Jan - I assumed that you were new to the UTM as your member name here is new.  If you had a membership before, you can get your old posts tied to your new name by sending a PM to bianson to have him change the email address associated to your new member name to the one you used with your old member name.

    Scanning & decrypting HTTPS is, as apijnappels says, hard work.

    Cheers -  Bob
