jspanitz
Level 7

SSL Cert Common Name Mismatch question


Just wondering how to modify the default regex for common name matching to incorporate multi sub domains.

The certificate verification failed due to a common name mismatch.

Host: tmcm55.zg.trendmicro.com
Common name: *.trendmicro.com
Alternative subject names: regex([^.]*\.trendmicro\.com), regex(trendmicro\.com)
0 Kudos
1 Solution

Accepted Solutions
McAfee Employee

Re: SSL Cert Common Name Mismatch question


revised-rule.jpg

Screenshot above shows a working rule, which modifies the default one.

The criteria for the default rule is SSL.Server.Certificate.CN.ToWildcard, whereas the rule in the screenshot is String.ToWildcard.

The resulting regex is different, SSL.Server.Certificate.CN.ToWildcard is "regex([^.]*\.trendmicro\.com)", and String.ToWildCard is simply "*.trendmicro.com".

Best,

Jon

0 Kudos
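To make the difference between the two criteria concrete, here is an added Python example (not code from the thread or from McAfee): it rebuilds the single-label regex quoted above from the wildcard CN and compares that match with a glob-style match of the kind String.ToWildcard produces. The conversion rule (each `*` becomes `[^.]*`) is inferred from the regex shown in the thread; the host and CN are the ones from the original question.

```python
import fnmatch
import re

# Values taken from the question in this thread
HOST = "tmcm55.zg.trendmicro.com"
CN = "*.trendmicro.com"


def cn_to_wildcard_regex(cn: str) -> str:
    """Rebuild the regex the default rule appears to generate.

    Assumption (inferred from the thread's output): every '*' in the CN
    becomes '[^.]*', so the wildcard can span at most one DNS label.
    """
    literal_parts = [re.escape(part) for part in cn.split("*")]
    return "[^.]*".join(literal_parts)


def matches_single_label(host: str, cn: str) -> bool:
    """Default behaviour: '*' matches one label only (what browsers enforce)."""
    return re.fullmatch(cn_to_wildcard_regex(cn), host) is not None


def matches_multi_label(host: str, cn: str) -> bool:
    """String.ToWildcard-style glob: '*' also spans dots, so deeper
    sub-domains such as a.b.trendmicro.com are accepted."""
    return fnmatch.fnmatchcase(host, cn)


def compare(host: str, cn: str) -> dict:
    """Show, for one host/CN pair, which of the two criteria would pass."""
    return {
        "regex": cn_to_wildcard_regex(cn),
        "single_label_match": matches_single_label(host, cn),
        "multi_label_match": matches_multi_label(host, cn),
    }


if __name__ == "__main__":
    for name in (HOST, "www.trendmicro.com", "trendmicro.com"):
        print(name, compare(name, CN))
```

The looser String.ToWildcard rule therefore accepts a certificate that Firefox (as the earlier reply notes) rejects, so it should be scoped to the specific hosts that need it rather than applied gateway-wide.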
3 Replies
McAfee Employee

Re: SSL Cert Common Name Mismatch question


That's an interesting one. Firefox blocks it too because of a common name mismatch.

trendmicro.jpg

You could create a rule like the following:

-Criteria: SSL.Server.Certificate.HasWildcards equals True AND URL.Host matches SSL.Server.Certificate.CN

-Action: Stop Ruleset

This would fit the bill because URL.Host is "tmcm55.zg.trendmicro.com", and the CN is "*.trendmicro.com".

Web gateway already has that, but converts it to a regex of "regex([^.]*\.trendmicro\.com)"...

Best,

Jon

Message was edited by: jscholte on 3/25/14 5:37:18 PM CDT
0 Kudos

Re: SSL Cert Common Name Mismatch question


Hi Jon Scholten,

I have a small doubt here: if I want to write the rule for this site (2016-03-25_1743.png), do I need to write the rule in the below way:

SSL.Server.Certificate.CN.ToWildcard matches *.email.tvslsl.com

OR

SSL.Server.Certificate.CN.ToWildcard is "regex([^.]*\.email.tvssl\.com)" and String.ToWildCard is simply "*.email.tvslsl.com".

Kindly help.

Regards,

PRASANTH.

0 Kudos