This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
ccsjnw
Contributor
Thursday
Jump to solution

Harmony EndPoint Protection Blocking Access to DigiCert Certificate Revocation List


Recently (last couple of weeks), I am seeing Harmony EndPoint Clients getting blocked when they try to access: rb.symcb.com/rb.crl

1.jpg

This site belongs to DigiCert (it was formerly owned by Symantec, but DigitCert took over Symantec's CA business).

The address is specifically used to revoke bad certificates (CRL is the Certification Revocation List).

In light of the recently incident where DigiCert were compromised by a bad actor, and issued code-signing certificates that have since been used to make Malware look legitimate, I think it's important that clients are able to access the CRL list.

This is a recent problem – I’ve only seen this site being blocked for the last couple of weeks…
Our policy has blocked the category of Software Downloads for a long time, so this isn't a symptom of a recent policy change at our end. 

Has anyone else encountered this problem?

0 Kudos
1 Solution

Accepted Solutions
Lesley
MVP Gold
MVP Gold
Thursday
Jump to solution

Fixed:

 

image.png

-------
Please press "Accept as Solution" if my post solved it 🙂

View solution in original post

2 Replies
Lesley
MVP Gold
MVP Gold
Thursday
Jump to solution

False positives you can report here and Check Point will take a look and change it if needed. 

In the future you can report it here (login needed) https://usercenter.checkpoint.com/ucapps/urlcat/

I just asked CP to take a look:

Thank you for submitting your category change request.

We will process your request and notify you by email (to lesley) when it is handled. You can check the request status online using the provided reference ID.

 
Reference ID: 

URL: http://rb.symcb.com/rb.crl

Suggested Category: Computers / Internet

Comment: This is a crl list

While your request is being handled, you can manually override URL categories or create a custom application. This lets you override the information in the URL Filtering database and the responses generated by Check Point's online web service.

-------
Please press "Accept as Solution" if my post solved it 🙂
(1)
Lesley
MVP Gold
MVP Gold
Thursday
Jump to solution

Fixed:

 

image.png

-------
Please press "Accept as Solution" if my post solved it 🙂

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events