This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Luisnego
Contributor
‎2020-06-23 11:49 AM

HTTPS empty_ssl_conn sometimes

 

Hello Guys, 

I have these issues in my network. I created an HTTPS Inspection Rule bypass a group of the network that contains these 2 hosts, sometimes when I access this website https://cypress.io   I see the log detect empty_ssl_conn, and sometimes this connection is bypassed.

Screenshot_15.png

I look at my Trusted CAs, I can see the Root CA and Intermediate CA. I did the command curl and the result is

Screenshot_16.png

Does anyone know how to fix this?

 

0 Kudos
1 Reply
FedericoMeiners
Advisor
‎2020-06-23 01:07 PM

Hello,

Most of the time this error indicates that the TLS/SSL handshake did not finish properly. Sometimes this can be caused by closing the browser while a webpage is loading.

However, after various debugs with R&D we could identify that this can also caused by the browser itself or the destination web server when inspecting SSL/TLS traffic.

In my experience it will not cause any issues other than bypassing the connection.

You can find more information in sk107755 - A log with an 'empty_ssl_conn' entry in the HTTPS Validation field appears in SmartView T...

Regards,

____________
https://www.linkedin.com/in/federicomeiners/
0 Kudos
Labels