https://community.checkpoint.com/t5/Endpoint/Https-Inspection-Gemini/m-p/259699#M10898 <P>Can you please translate what error says? Looks like Portugese to me and only things I can speak in that language are thank you and number six lol</P> <P>Andy</P> Sat, 11 Oct 2025 00:26:25 GMT the_rock 2025-10-11T00:26:25Z https://community.checkpoint.com/t5/Endpoint/Https-Inspection-Gemini/m-p/259650#M10895 <P>Hi,</P><P>We are experiencing a problem with the HTTPS inspection feature. I enabled a rule with an internal alert for users (UserPortal) to send categorization requests to the AI. All applications are working fine, but when users open Gemini, the browser connection is closed and does not work.</P><P>How can we solve this problem?</P> Fri, 10 Oct 2025 14:10:20 GMT https://community.checkpoint.com/t5/Endpoint/Https-Inspection-Gemini/m-p/259650#M10895 paulocosta 2025-10-10T14:10:20Z https://community.checkpoint.com/t5/Endpoint/Https-Inspection-Gemini/m-p/259668#M10896 <P data-unlink="true">You have posted this thread in: <STRONG>CloudMates</STRONG> &gt; <STRONG>Products&nbsp;</STRONG>&gt;<SPAN>&nbsp;</SPAN><STRONG>Cloud Network Security&nbsp;</STRONG></P> <P data-unlink="true">&nbsp;</P> <P data-unlink="true"><SPAN>It looks like like a <STRONG>Harmony Endpoint</STRONG> question and should go in:&nbsp;</SPAN><SPAN>&nbsp;</SPAN>Products&nbsp;&nbsp;&gt;<SPAN>&nbsp;</SPAN>Workspace&nbsp;<SPAN>&nbsp;&gt;&nbsp;</SPAN><STRONG><SPAN class="lia-link-navigation crumb-board lia-breadcrumb-board lia-breadcrumb-forum lia-link-disabled" aria-disabled="true">Endpoint</SPAN></STRONG></P> <P data-unlink="true"><SPAN class="lia-link-navigation crumb-board lia-breadcrumb-board lia-breadcrumb-forum lia-link-disabled" aria-disabled="true">Or maybe:&nbsp;</SPAN><STRONG style="background-color: #ffffff;">Network &amp; SASE</STRONG>&nbsp;&gt;&nbsp;<SPAN>&nbsp;</SPAN><SPAN class="lia-link-navigation crumb-board lia-breadcrumb-board lia-breadcrumb-forum lia-link-disabled" aria-disabled="true">Security Gateways&nbsp;</SPAN>if it is a Quantum Security Gateway,</P> <P data-unlink="true">&nbsp;</P> <P>&nbsp;</P> <P data-unlink="true"><SPAN class="lia-link-navigation crumb-board lia-breadcrumb-board lia-breadcrumb-forum lia-link-disabled" aria-disabled="true">If you move it to the Endpoint forum space and add some more details about the policy (maybe also a screenshot of the policy) you might get more visibility and help.</SPAN></P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> Fri, 10 Oct 2025 16:44:48 GMT https://community.checkpoint.com/t5/Endpoint/Https-Inspection-Gemini/m-p/259668#M10896 Don_Paterson 2025-10-10T16:44:48Z https://community.checkpoint.com/t5/Endpoint/Https-Inspection-Gemini/m-p/259690#M10897 <P>Admins have to move posts, and I took care of that <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P> Fri, 10 Oct 2025 20:51:52 GMT https://community.checkpoint.com/t5/Endpoint/Https-Inspection-Gemini/m-p/259690#M10897 PhoneBoy 2025-10-10T20:51:52Z https://community.checkpoint.com/t5/Endpoint/Https-Inspection-Gemini/m-p/259699#M10898 <P>Can you please translate what error says? Looks like Portugese to me and only things I can speak in that language are thank you and number six lol</P> <P>Andy</P> Sat, 11 Oct 2025 00:26:25 GMT https://community.checkpoint.com/t5/Endpoint/Https-Inspection-Gemini/m-p/259699#M10898 the_rock 2025-10-11T00:26:25Z https://community.checkpoint.com/t5/Endpoint/Https-Inspection-Gemini/m-p/259702#M10899 <P>Seems to be:</P> <P>"<STRONG data-start="105" data-end="133">Secure Connection Failed</STRONG></P> <P data-start="135" data-end="219">An error occurred during a connection to gemini.google.com. <STRONG data-start="195" data-end="219">PR_END_OF_FILE_ERROR</STRONG></P> <P data-start="221" data-end="259"><STRONG data-start="221" data-end="236">Error code:</STRONG> PR_END_OF_FILE_ERROR</P> <UL data-start="261" data-end="453"> <LI data-start="261" data-end="385"> <P data-start="263" data-end="385">The page you are trying to view cannot be displayed because the authenticity of the received data could not be verified.</P> </LI> <LI data-start="386" data-end="453"> <P data-start="388" data-end="453">Please contact the website owners to inform them of this problem.</P> </LI> </UL> <P data-start="455" data-end="472">[Learn more...]</P> <P data-start="474" data-end="487"><STRONG data-start="474" data-end="487">Try again"</STRONG></P> <P data-start="474" data-end="487">&nbsp;</P> <P data-start="474" data-end="487">Could be certificate pinning.</P> <P data-start="474" data-end="487">Gemini (Google) uses strict certificate pinning and advanced TLS (often TLS 1.3 + OCSP Must-Staple).</P> <P data-start="474" data-end="487">Need to add the URLs or domains to the “Bypass HTTPS Inspection” list.</P> <P data-start="474" data-end="487">Or</P> <P data-start="474" data-end="487">Browser doesn’t trust the gateway’s CA certificate. The HTTPS Inspection CA was not imported or trusted on the endpoint.</P> <P data-start="474" data-end="487">Will be good to know more about the problem.</P> <P data-start="474" data-end="487">I think the Endpoint in a screenshot is confusing things a bit.&nbsp;</P> Sat, 11 Oct 2025 10:46:36 GMT https://community.checkpoint.com/t5/Endpoint/Https-Inspection-Gemini/m-p/259702#M10899 Don_Paterson 2025-10-11T10:46:36Z https://community.checkpoint.com/t5/Endpoint/Https-Inspection-Gemini/m-p/259703#M10900 <P>Makes sense Don...bypass is always logical thing to try.</P> <P>Andy</P> Sat, 11 Oct 2025 11:02:40 GMT https://community.checkpoint.com/t5/Endpoint/Https-Inspection-Gemini/m-p/259703#M10900 the_rock 2025-10-11T11:02:40Z https://community.checkpoint.com/t5/Endpoint/Https-Inspection-Gemini/m-p/259793#M10901 <P>The only way to deal with Certificate Pinning is to bypass HTTPS Inspection for that site/service.<BR />Not sure we have an Updatable Object (likely needed for this) or a list of URLs to bypass.<BR />I do know R82 will handle Certificate Pinned sites much better as it will auto-bypass when this is detected.</P> Mon, 13 Oct 2025 19:35:03 GMT https://community.checkpoint.com/t5/Endpoint/Https-Inspection-Gemini/m-p/259793#M10901 PhoneBoy 2025-10-13T19:35:03Z