Tweet
Hi, We are a school with some 200 students. Been running UT for 5 years, & SSL Inspector for 2 years - SSL Ins been a little buggy but works OK to allow us to monitor what the kids are searching on in YouTube & the common SE's. That's all we need, so we bypass (ignore) all other SSL traffic usually based on SNI Host name.
Lately we've been seeing lots of "SSL decrypt exception: Insufficient buffer remaining" errors on various non Search-Engine sites that I thought should have been bypassed by our rules. (Inspect All SSL Traffic rule is unchecked). The certificate displayed on the partially painted page was the Untangle Cert.
So my question is "Does UT need to do any decryption before it can work out the SNI host name, or in other words, would this SSL decrypt exception cause SSL inspector not to determine the SNI Host Name and thus not bypass the site for SSL inspection ? Would there be any use trying an Ignore rule based on Cert Subject instead ?
Lately we've been seeing lots of "SSL decrypt exception: Insufficient buffer remaining" errors on various non Search-Engine sites that I thought should have been bypassed by our rules. (Inspect All SSL Traffic rule is unchecked). The certificate displayed on the partially painted page was the Untangle Cert.
So my question is "Does UT need to do any decryption before it can work out the SNI host name, or in other words, would this SSL decrypt exception cause SSL inspector not to determine the SNI Host Name and thus not bypass the site for SSL inspection ? Would there be any use trying an Ignore rule based on Cert Subject instead ?
Comment