https://community.checkpoint.com/t5/Firewall-and-Security-Management/Url-filtering-detects/m-p/203101#M38211 <P>Hey&nbsp;<a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/96626">@Ihenock1011</a>&nbsp;,</P> <P>Are you able to send a screenshot? I have real good https inspection lab going in R81.20, so can also do a quick test if needed. Please blur out any sensitive info mate.</P> <P>Best,</P> <P>Andy</P> Mon, 15 Jan 2024 14:02:36 GMT the_rock 2024-01-15T14:02:36Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Url-filtering-detects/m-p/203099#M38210 <P>Hi All,</P><P><SPAN>I have an R81.10 security gateway in VSX mode, and URL/Application filtering is enabled. The URL is explicitly allowed in the app/URL filtering rule base. However, the URL filtering indicates the detection of one of the URLs and reports an untrusted certificate, even though it is a valid certificate. This issue is blocking users from accessing the site. What should I check in order to resolve this?</SPAN></P><P><SPAN>Thanks,</SPAN></P> Mon, 15 Jan 2024 13:57:20 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Url-filtering-detects/m-p/203099#M38210 Ihenock1011 2024-01-15T13:57:20Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Url-filtering-detects/m-p/203101#M38211 <P>Hey&nbsp;<a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/96626">@Ihenock1011</a>&nbsp;,</P> <P>Are you able to send a screenshot? I have real good https inspection lab going in R81.20, so can also do a quick test if needed. Please blur out any sensitive info mate.</P> <P>Best,</P> <P>Andy</P> Mon, 15 Jan 2024 14:02:36 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Url-filtering-detects/m-p/203101#M38211 the_rock 2024-01-15T14:02:36Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Url-filtering-detects/m-p/203170#M38225 <P><a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/38213">@the_rock</a>&nbsp;</P><P>sure, Attached is the screenshot for the specific log.</P><DIV class="">&nbsp;</DIV><P>&nbsp;</P> Tue, 16 Jan 2024 06:13:57 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Url-filtering-detects/m-p/203170#M38225 Ihenock1011 2024-01-16T06:13:57Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Url-filtering-detects/m-p/203177#M38226 <P>Is it a public website? Is it a valid certificate publically or for your domain?&nbsp;</P> Tue, 16 Jan 2024 07:45:22 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Url-filtering-detects/m-p/203177#M38226 emmap 2024-01-16T07:45:22Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Url-filtering-detects/m-p/203188#M38229 <P><a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/71054">@emmap</a>&nbsp; Yes, its SWIFT's cloud service.</P><P><A href="https://tracker.browse.swiftnet.sipn.swift.com" target="_blank">https://tracker.browse.swiftnet.sipn.swift.com</A></P><P>&nbsp;</P> Tue, 16 Jan 2024 09:02:05 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Url-filtering-detects/m-p/203188#M38229 Ihenock1011 2024-01-16T09:02:05Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Url-filtering-detects/m-p/203192#M38230 <P>When I load that link I get an invalid CA error in Chrome, and viewing the cert it doesn't look like it was issued by any publicly trusted CA. It looks like this is a valid determination by the gateway. To get around this you'll have to do an IP based bypass, which might be a challenge depending on where/how the service is hosted.<span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Annotation 2024-01-16 173237.png" style="width: 441px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/24078i3A1B16C0292D1B9C/image-size/large?v=v2&amp;px=999" role="button" title="Annotation 2024-01-16 173237.png" alt="Annotation 2024-01-16 173237.png" /></span></P> <DIV id="tinyMceEditor_4f04eb3a38a3c4emmap_0" class="mceNonEditable lia-copypaste-placeholder">&nbsp;</DIV> Tue, 16 Jan 2024 09:34:58 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Url-filtering-detects/m-p/203192#M38230 emmap 2024-01-16T09:34:58Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Url-filtering-detects/m-p/203208#M38234 <P>I know customer had an issue like this 2 years ago, I will check my notes later and see what was the solution.</P> <P>Andy</P> Tue, 16 Jan 2024 12:31:13 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Url-filtering-detects/m-p/203208#M38234 the_rock 2024-01-16T12:31:13Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Url-filtering-detects/m-p/203209#M38235 <P>I see what&nbsp;<a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/71054">@emmap</a>&nbsp;is saying, its definitely NOT issues by valid trusted CA authority.</P> <P>Best,</P> <P>Andy</P> Tue, 16 Jan 2024 12:32:47 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Url-filtering-detects/m-p/203209#M38235 the_rock 2024-01-16T12:32:47Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Url-filtering-detects/m-p/203211#M38236 <P>This is what customer told me back in 2023 when they had this issue, but again, not sure if this might be the case with you...</P> <P>Andy</P> <P>***********</P> <P><SPAN>We found the problem. I’m not sure how this happened but looks like we were missing the SAN (Subject Alternative Name in the certificate).</SPAN></P> <P><SPAN>******************</SPAN></P> Tue, 16 Jan 2024 12:45:44 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Url-filtering-detects/m-p/203211#M38236 the_rock 2024-01-16T12:45:44Z