HTTPS skip certificate check for regex

Hi, I've got an issue.

I'm trying to whitelist Threema for an Android phone which is undergoing SSL Web-Filtering.

Somehow Threema is accessing their server by using the raw IPs, i.e. https://149.154.167.51/, but their certificates appear not to be issued for that "domain". It's that kind of stuff which comes along when a company uses a CDN and has their certificates issued for the company's domain instead of the CDN's names.

So I'm trying to add a "Filtering Options" > "Exception", using a regex for filtering, namely ^https://\d+(\.\d+){3}/ only for that device, which has "Certificate Trust Check" and "Certificate Date Check"

But for some reason that exception gets ignored, so Threema is getting blocked.

2015:03:05-19:27:51 bridge httpproxy[5096]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="" srcip="DEVICE_IP" dstip="149.154.167.91" user="" ad_domain="" statuscode="502" cached="0" profile="REF_HttProContaRoot1Netwo (HTTPS)" filteraction="REF_gqAdFfazdU (Allow All)" size="0" request="0x1259a000" url="149.154.167.91/" referer="" error="Failed to verify server certificate" authtime="0" dnstime="2" cattime="0" avscantime="0" fullreqtime="40586" device="0" auth="0" ua="" exceptions="certcheck,certdate"

I noticed that I'm also getting this for https://api.threema.ch/

The Policy is an "Allow All"


Any idea what's going on? I'm using UTM since 2010, so I know quite a bit about using it.


  • Yes, then I don't get the blocking. Actually, I'm not even sure if things didn't work, since they appeared to work. But I was getting the blocked entries in the logs, so I figured that there must be something that isn't working quite right.

    But without SSL scanning, as you suggested, I'm not getting the blocked entries anymore, so I think there must really be some kind of issue in the code.

    I'll check if I can live with that, with ignoring SSL scanning for IP addresses.

    Thanks for bringing it up.