cancel
Showing results for 
Search instead for 
Did you mean: 

SSL-Scanner gives warning for selfsigned certificates

Jump to solution

Hi all,

while studing functionality of your web gateway (watching videos and testing configuration) I wondered about the following:

In a video a selfsigned certificate was blocked but with our webwasher a warning and a button appears. When I searched for the setting in webwasher I couldn't find any for this behaviour.

We use: "McAfee Web Gateway 6.8.7 build 9396                 on webwasher" as appliance.

Best Regards

Anja

0 Kudos
1 Solution

Accepted Solutions
McAfee Employee

Re: SSL-Scanner gives warning for selfsigned certificates

Jump to solution

This is pretty much related to the CA settings! go to Trusted Ceritificate Authorities and look at the option for 'only unknown CAs found'. This should be the one you are looking for.

best,

Michael

0 Kudos
4 Replies
McAfee Employee

Re: SSL-Scanner gives warning for selfsigned certificates

Jump to solution

Hi Anja,

This happens as result of the action "Warn Incident" in SSL Scanner > Certificate Verification. It's a soft block, meaning that you as user should know that this site is not matching your company's security profile, but in case you think you have to go there, you can (by cklicking on the button).

best,

Michael

0 Kudos

Re: SSL-Scanner gives warning for selfsigned certificates

Jump to solution

Hi Michael,

I known the tab/section for ssl-scanner, but where is the check for warn incident, in case of selfseign cert?

What do I have to do to block selfsigned sides or allow & Log. I would like these incidents to appear in incident manager, At the moment they don't.

Anja

SSL-Scanner.JPG

0 Kudos
McAfee Employee

Re: SSL-Scanner gives warning for selfsigned certificates

Jump to solution

This is pretty much related to the CA settings! go to Trusted Ceritificate Authorities and look at the option for 'only unknown CAs found'. This should be the one you are looking for.

best,

Michael

0 Kudos

Re: SSL-Scanner gives warning for selfsigned certificates

Jump to solution

Bingo,

that was the setting I was searching for.

Thanks for your help!

SSL-Scanner_action-if-cert-selfsigned.JPG

0 Kudos