1 Reply Latest reply on Oct 7, 2013 10:26 AM by Jon Scholten

    MWG 7.3 Verify Common Name (Proxy Setup)/Block Incident Common name mismatch

    jspanitz

      We are seeing a ton of Access Denied events all point to an Akamai server.  I know an out of box rule exists (SSL Scanner | Cert Verification | Verify Common Name (Proxy Setup) for Akamai but it does seem to handle this site.  We added another entry to the Allow Akamai rule that states:

       

      SSL.Server.Certificate.CN matches *.redswoosh.akadns.net

       

      But the entry is still logged.  Below is the entry in the MWG log:

       

      [07/Oct/2013:09:38:33 -0400] "MWG" "user" xxx.xxx.xxx.xxx 69.31.16.8 "cn1.redswoosh.akadns.net" 0 "-" 0 0 "CONNECT cn1.redswoosh.akadns.net:443 HTTP/1.1" "Content Server" "Minimal Risk" 6 "Verify Common Name (Proxy Setup)/Block Incident" 98 "Common name mismatch" false "-" false "-" "-" "-" "Akamai NetSession Interface"

       

      What's the fix?