Seeing a ton of alerts from SSL Inspection
We're seeing a ton of alerts like this for this single IP with SSL Inspection:
That's a Facebook IP (in Ireland I believe). Facebook Messenger Desktop doesn't work unless we add graph.facebook.com and web.facebook.com to the exclude list because they hit this IP hard. Needless to say I'd MUCH rather Facebook be included in SSL Inspection...
Can you all see why this one IP is flagging. Is it a lack of a CA cert in the firmware or is their server misconfigured (can't imagine it is otherwise Chrome would go bonkers)
That's a Facebook IP (in Ireland I believe). Facebook Messenger Desktop doesn't work unless we add graph.facebook.com and web.facebook.com to the exclude list because they hit this IP hard. Needless to say I'd MUCH rather Facebook be included in SSL Inspection...
Can you all see why this one IP is flagging. Is it a lack of a CA cert in the firmware or is their server misconfigured (can't imagine it is otherwise Chrome would go bonkers)
0
All Replies
-
I think SSL inspection is not longer work for most of mobile Apps now. It only works for browser based application.
Since more Apps implement "certificate pinning" to prevent MITM attacks.
For example,
Since Android 7, if Apps implement certificate check API by level 24. Then the Apps will not trust user imported certificates but trust the certificates in system store only.
Android Developers Blog: Changes to Trusted Certificate Authorities in Android Nougat (googleblog.com)
0 -
Yeah - we don't even try SSL inspection on phones. We limit it to select desktops we know have the certificate installed properly. So these aren't coming from a phone.0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 147 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight