Support Center > Search Results > SecureKnowledge Details
Improved handling of trusted CAs certificates when HTTPS inspection is enabled Technical Level
  • Websites that use "Staat der Nederlanden Root CA - G2" certificate, fail to open with HTTPS Inspection.

  • Downloading the "Staat der Nederlanden Root CA - G2" certificate and importing it manually into the Trusted CA List ('SmartConsole > HTTPS Inspection > Advanced > Trusted CA > Import') resolves the issue.

    Note: Use "Update certificate list" option.

  • Debug of WSTLSD daemon (as per sk105559) shows:
    cptls_Validation::CallBackOnFailed: result: -1001, error_level: 0
    cptls_Validation: Chain is NOT trusted !!

  • Examples of sites that use "Staat der Nederlanden Root CA - G2" certificate:


The Trusted CA list is held on the Security Gateway, and due to a change in the list, it fails to correctly read the "Staat der Nederlanden Root CA - G2" certificate. As a result, it displays the certificate as "Not Trusted".

Note: To view this solution you need to Sign In .