Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
mirnick
Explorer

Https inspection stops working after some time.

Good afternoon.

The problem is that https inspection stops working after some time.
In my case I created a rule to inspect traffic from the internet to my file server.
In the https inspection policy, I added my file server certificate.
When I try to connect from a mobile device via https, app or WEB at first the inspection can work, but at some point the inspection does not happen and access is allowed and accept-logins.
Tried to solve the problem by turning off the Whitelist, but it did not help.

Why this happens and what can be the problem?

0 Kudos
1 Reply
Sorin_Gogean
Advisor

hey @mirnick , 

 

I still don't see in your post, where HTTPS Inspections (actually is a decryption, nothing else) is breaking.

You are using HTTPS Inspection for the Incoming traffic towards your server, and you confirm seeing that traffic in the FWL logs .

Still you expect for some number of connections, to see HTTPS Inspection blade kicking in every time - that will not happen.

 

HTTPS Inspection, will kick in when the connection is established, so the HTTP SSL tunnel is created and data starts to be exchanged through it. If the HTTP SSL tunnel connection expires, or is dropped/disconnected, then the new one will be visible in the HTTPS Inspection logs...

(at least this is how I know it works - HTTP SSL tunnels.) 

 

You can see that by running a Network Report in Chrome while connecting to this forum - first connection shows the SSL negotiation, while the next ones towards the same server, will not... 

Capture.JPG

Capture.JPG

 

Ty,

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events