Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 749 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[7.506] HTTPS-Proxy Exceptions

trialrider
Hi there,

I'm hanging around with getting updates through my transparent Proxy with active HTTPS-Scanning.

I read most of the posts here, imported my Proxies certificate using GPO for computer and user account. Added the certificate to Firefox and IE, but nothing works...

Downloading windows updates from Microsoft hangs at 0 % for hours, Firefox says: "Update-XML-Datei fehlerhaft (200)". And yes, I've created exceptions for MS and FF.

FF: Skipping Authentication / Caching / Extension blocking / SSL scanning / Certificate Trust Check / Certificate Date Check for mozilla.org

MS: Skipping Authentication / Caching / Antivirus / Extension blocking / Certificate Trust Check / Certificate Date Check for microsoft.com and windowsupdate.com

Can someone help me please? I'm testing transparent HTTPS-Scanning for our real network.

TIA and Kind regards,
Steffen


This thread was automatically locked due to age.
Parents
  • 0
    Whenever wierd stuff just starts happening, check the Intrusion Prevention log.
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    Whenever wierd stuff just starts happening, check the Intrusion Prevention log.
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • 0 in reply to BAlfson
    So I tried again.

    Updating Firefox ends in HTTP-Log with:
    2010:08:12-08:30:48 SoftAstaro httpproxy[3700]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="[mine]" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="840" time="243 ms" request="0x92ee0f0" url="aus2.mozilla.org/.../update.xml
    and ISP Log shows nothing related to time and action. Packet Filter Log shows nothing to. HTTPS goes through Proxy for all clients.

    I coulddn't found entries for windows update packets too.

    The XML file can be read with Firefox:
    2010:08:12-08:38:14 SoftAstaro httpproxy[3700]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="[mine]" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="840" time="230 ms" request="0x92edbe8" url="aus2.mozilla.org/.../update.xml
    The log entries are identical.

    I skipped all in my Extension for Firefox but it doesn't work.

    Maybe it's a bug?

    Kind regards
    Steffen