Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

A certificate warning appears in the web browser after disabling HTTPS decryption in InterScan Web Security Virtual Appliance (IWSVA) 6.5

    • Updated:
    • 13 Dec 2018
    • Product/Version:
    • InterScan Web Security Virtual Appliance 6.5
    • Platform:
    • N/A N/A
Summary

Even though HTTPS decryption is disabled, the web browser displays a certificate warning message instead of the web content through InterScan Web Security Virtual Appliance (IWSVA) 6.5.

Details
Public

If a HTTPS website is blocked by one of the IWSVA functionalities, such as URL filtering, IWSVA will try to establish a connection with the HTTPS website or client in order to display the security event.

As a result, receiving the server certificate performs the following actions similar to the HTTPS decryption mode against a HTTPS URL:

  • HTTPS web site's server certificate verification
  • Generating certificate signed by IWSVA for the HTTPS web site's Common Name (FQDN).
If a HTTPS website is required to show the client's certificate, IWSVA takes an action via HTTP > HTTPS Decryption > Settings > Client Certificate Handling. The session is tunneled by default.

The features affected by this logic are the following:

  • HTTP > URL Filtering
  • HTTP > URL Access Control > Global URL Blocking
  • HTTP > Configuration > Access Control Settings > HTTPS Ports

For the certificate warning message redirected to HTTP > Advanced Threat Protection > Policies > Virus/Malware Scan Rule > Scan before delivering, importing the WebUI's certificate to each web browser is needed.

For more information, refer to the KB article: Web browser security warnings appear when using the "Scan before delivering" feature in InterScan Web Security Virtual Appliance (IWSVA) 6.5.

To resolve this issue:

To avoid the web browser's certificate warning message, the Root certificate stored in IWSVA must be imported to the web browser as a Trusted Root Certification Authority.

Refer to the KB article: Certificate warning appears after enabling HTTPS decryption in InterScan Web Security Virtual Appliance (IWSVA).

The Client Certificate Handling action must be changed to "Block" if the user does not want to tunnel the connection and block it instead.

Premium
Internal
Rating:
Category:
Configure; Troubleshoot
Solution Id:
1121715
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.