Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 7 replies
  • Subscribers 0 subscribers
  • Views 23468 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

* Certs and Web Appliance

Jason_D

Does the web appliance work with * certs?  It seems that every time I see an organization with a cert issued to *.company.com, the web appliance does not allow access to the page until I add that site to the bypass list for SSL.  It says that the site certificate is not valid although I cannot find any problems with it.  Am I doing something wrong?

Here's an example site:

https://www.ctspurchasing.com/

Jason

:3428


This thread was automatically locked due to age.
Parents
  • 0

    Ok, one last question because things are not working as I expected.  i'm able to add certs and that is fine.  But, as I understand how certificates should work:

    Lets say Verisign has a root cert named "Verisign root cert" that is trusted.  "Verisign root cert" issues "Verisign intermediate cert 1" through "Verisign intermediate cert 5".  "Verisign intermediate cert 3" issues a cert to "Bob's garage software".

    Shouldn't I be able to go to https://bobsgaragesoftware.com without explicitly trusting "Verisign Intermediate cert 3", just by trusting "Verisign root cert"?  Because that does not seem to be the behavior i'm experiencing with the appliance. 

    It seems I'm having to download and add a lot of intermediate certs.  And that seems to be against the point of trusting root certs.

    :3503
Reply
  • 0

    Ok, one last question because things are not working as I expected.  i'm able to add certs and that is fine.  But, as I understand how certificates should work:

    Lets say Verisign has a root cert named "Verisign root cert" that is trusted.  "Verisign root cert" issues "Verisign intermediate cert 1" through "Verisign intermediate cert 5".  "Verisign intermediate cert 3" issues a cert to "Bob's garage software".

    Shouldn't I be able to go to https://bobsgaragesoftware.com without explicitly trusting "Verisign Intermediate cert 3", just by trusting "Verisign root cert"?  Because that does not seem to be the behavior i'm experiencing with the appliance. 

    It seems I'm having to download and add a lot of intermediate certs.  And that seems to be against the point of trusting root certs.

    :3503
Children
No Data