Coming from MWG6 there was a decent set of tools built in to report on SSL issues (expired, self signed, etc certs) and to test the certs on a given URL.
It seems MWG7 lost all of that.
So the obvious question is when if MWG7 going to be feature parity to MWG6. The not so obvious question is how does McAfee expect one to handle SSL problems in MWG7 until feature parity is achieved. Is there an SSL troubleshooting doc or any type of help in dealing with the issues or are we on our own?
Looks like you have brought this up previously:
Were you able to create a log as Andre had suggested? If not, here is a logging ruleset I came up with (see screenshot and attachment).
At the moment though we dont have a troubleshooting guide for such incidents. But this log could point you in the right direction.
Personally, I just take a look at the site myself in question (in IE or Firefox), you can then export the certificates for importing into MWG 7 (see screenshot below). Once exported you can import the certificates into your trusted CAs (if needed). I too wish there was an option to "fetch" the certificate in the GUI, like you had with 6.
Did you have any specific examples you were looking for guidance on?
Let me know if the log helps!
Yeah, I seem to post about the same things a lot
So I never did try the log because I was not sure where to begin as my experience with MWG7 is still not great. I've gotten slightly better since my post in march.
I will try your ruleset. Thanks for that.
Here's hoping that some of the old features will make it into MWG7 soon!