Secure One Services Group

Expand all | Collapse all

ProxySG | Please help to verify Eventlog

Jump to Best Answer
  • 1.  ProxySG | Please help to verify Eventlog

    Posted 10-04-2018 07:10 AM

    Dear All,

        Please help to verify Eventlog about Server Certificate validation failed following information as below and please help to recommend how to resolve this issues.

     

    2018-10-04 15:48:42+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:49:03+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:49:23+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:49:44+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:50:05+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:50:25+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:50:33+07:00ICT  "Server certificate validation failed: CERT_EXPIRED, Name in certificate: www.navilytics.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:50:34+07:00ICT  "Server certificate validation failed: CERT_EXPIRED, Name in certificate: www.navilytics.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:50:50+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:50:58+07:00ICT  "Server certificate validation failed: CERT_EXPIRED, Name in certificate: www.navilytics.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:51:11+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:51:31+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:51:52+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:52:12+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:52:33+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:52:53+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:53:14+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:53:34+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:53:55+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:54:16+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:54:36+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:54:57+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:55:17+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:55:37+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: VMBKK01.internal.local"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:55:38+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:55:38+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: VMBKK01.internal.local"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:55:40+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: VMBKK01.internal.local"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:55:40+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: VMBKK01.internal.local"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:55:41+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: VMBKK01.internal.local"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:55:59+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:56:19+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:56:40+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:57:00+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:57:21+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1   te_transaction.cpp:1718
    2018-10-04 15:57:41+07:00ICT  "Server certificate validation failed: CERT_UNTRUSTED_ISSUER, Name in certificate: fbs25.trendmicro.com"  0 300000:1  

     

     

    Thank you so much for your help.

     

    Best Regards,

    Chakuttha R.

     



  • 2.  RE: ProxySG | Please help to verify Eventlog
    Best Answer

    Broadcom Employee
    Posted 10-05-2018 01:16 AM

    Hi Chakuttha,

     

                Most probably, your proxy might be missing a latest CA which issued certs for these domains

                            OR

                you are having an upstream device which is doing ssl inspection.

     

                A pcap taken for these domain would help in identifying the exact reason. A quick fix is the rule suggested by Aboo

     



  • 3.  RE: ProxySG | Please help to verify Eventlog

    Posted 10-05-2018 12:49 AM

    Dear Chakutha,

     

    Add this rule in proxy and check:

     

    <SSL>
    url.domain=trendmicro.com server.certificate.validate(yes) server.certificate.validate.ignore(untrusted_issuer)