cancel
Showing results for 
Search instead for 
Did you mean: 
slizka
Level 7
Report Inappropriate Content
Message 1 of 1

SaaS Web Protection - Error message in HTTPS

Hi,

One of our clients is using McAfee SaaS Web Protection without SSL interception. Now, we're blocking facebook.com and for some reason it looks like the cloud proxy is trying to push/redirect https session to show error message although we don't decrypt it, causing the browser to trigger error message regarding invalid SSL certificate. But from my understanding normally when SSL is not decrypted, the browser should show just some general browser error, not SSL.

With McAfee SaaS Web protection, using Client Proxy I get:

But with our corporate explicit proxy(different vendor also without SSL decryption) I get just normal general error:

So it looks like the mcafee saas is trying to decrypt the ssl just to push error message, which is not working in case of HSTS+FF/Chrome which then trigger scary message about privacy:

Br. Ales

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community