1 Reply Latest reply on Oct 7, 2013 10:26 AM by Jon Scholten

    MWG 7.3 Verify Common Name (Proxy Setup)/Block Incident Common name mismatch


      We are seeing a ton of Access Denied events all point to an Akamai server.  I know an out of box rule exists (SSL Scanner | Cert Verification | Verify Common Name (Proxy Setup) for Akamai but it does seem to handle this site.  We added another entry to the Allow Akamai rule that states:


      SSL.Server.Certificate.CN matches *.redswoosh.akadns.net


      But the entry is still logged.  Below is the entry in the MWG log:


      [07/Oct/2013:09:38:33 -0400] "MWG" "user" xxx.xxx.xxx.xxx "cn1.redswoosh.akadns.net" 0 "-" 0 0 "CONNECT cn1.redswoosh.akadns.net:443 HTTP/1.1" "Content Server" "Minimal Risk" 6 "Verify Common Name (Proxy Setup)/Block Incident" 98 "Common name mismatch" false "-" false "-" "-" "-" "Akamai NetSession Interface"


      What's the fix?