Tweet
Hi all,
I have configured the web filter on my Untangle to process SNI information from HTTPS websites.
In the Arista help article (https://wiki.edge.arista.com/index.php/HTTPS) it says that the blocking page cannot be displayed if the Untangle's Root CA is not installed on the client.
I have the root CA installed on a client and still get a certificate warning when calling a blocked HTTPS page, which can't even be bypassed.
There is talk about "[website] uses a security technology called "HTTP Strict Transport Security (HSTS)", which allows Firefox to connect to the website only through secured connections. Therefore, no exception can be added for the website".
Is this a new security feature that allows that the blocking page can not be called despite the installed Untangle Root CA's ?
Can I somehow make the blocking page reappear at least with the Root CA installed ?
Many thanks for suggestions and tips.
balombi
I have configured the web filter on my Untangle to process SNI information from HTTPS websites.
In the Arista help article (https://wiki.edge.arista.com/index.php/HTTPS) it says that the blocking page cannot be displayed if the Untangle's Root CA is not installed on the client.
I have the root CA installed on a client and still get a certificate warning when calling a blocked HTTPS page, which can't even be bypassed.
There is talk about "[website] uses a security technology called "HTTP Strict Transport Security (HSTS)", which allows Firefox to connect to the website only through secured connections. Therefore, no exception can be added for the website".
Is this a new security feature that allows that the blocking page can not be called despite the installed Untangle Root CA's ?
Can I somehow make the blocking page reappear at least with the Root CA installed ?
Many thanks for suggestions and tips.
balombi
Comment