CFS and DPI-SSL client
Hello,
using a NSA2650 - SonicOS Enhanced 6.5.0.0-33n
With DPI enable over a small group of computers, I have too much sites with errors that I can see with the "show connection failures" button (dpi-ssl config).
Most of them are: Client handshake error-error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown
Any help about this error? I don't think the only way to go is Excluding every site I see here, it would be too hard to admin.
I have imported the Certificate in all computers (and in their browsers), but browsers still inform that site is not secure when they try these sites that trigger that 14094416 error.
Thanks for your help.
Answers
@SWuservpn , did you enable DPI or DPI-SSL? You have to import certificates for DPI-SSL or you will get certificate errors. This is in the wrong forum since it is a firewall question.