FYI. We've been dealing with this for a day or two now. A root cert from LetsEncrypt expired and FortiGate is detecting this and blocking various sites that would otherwise be allowed.
"Fortinet, Shopify and more report issues after root CA certificate from Lets Encrypt expires | ZDNet" https://www.zdnet.com/article/fortinet-shopify-others-report-issues-after-root-ca-certificate-from-lets-encrypt-expires/
The workarounds we've found and TAC has recommended are to enable "Allow untrusted certs" in the web filter profiles doing inspection. You can also set the rule itself to flow-based.
No comments:
Post a Comment