I´m running 12.5.5 on my T15´s and 12.6.2 on my M370´s. All the Comodo certificates is in the firebox trust store, but what missing is these:
c=US st=New Jersey l=Jersey City o=The USERTRUST Network cn=USERTrust RSA Certification Authority
c=GB st=Greater Manchester l=Salford o=Sectigo Limited cn=Sectigo RSA Extended Validation Secure Server CA
c=GB st=Greater Manchester l=Salford o=Sectigo Limited cn=Sectigo RSA Domain Validation Secure Server CA
If you test support.sectigo.com and canadagoose.com from ssllabs, you will see
And this is for proxies - I´m not installing a new signed certificate.
I´m running 12.5.5 on my T15´s and 12.6.2 on my M370´s. All the Comodo certificates is in the firebox trust store, but what missing is these:
c=US st=New Jersey l=Jersey City o=The USERTRUST Network cn=USERTrust RSA Certification Authority
c=GB st=Greater Manchester l=Salford o=Sectigo Limited cn=Sectigo RSA Extended Validation Secure Server CA
c=GB st=Greater Manchester l=Salford o=Sectigo Limited cn=Sectigo RSA Domain Validation Secure Server CA
If you test support.sectigo.com and canadagoose.com from ssllabs, you will see
And this is for proxies - I´m not installing a new signed certificate.
I´m running 12.5.5 on my T15´s and 12.6.2 on my M370´s. All the Comodo certificates is in the firebox trust store, but what missing is these:
c=US st=New Jersey l=Jersey City o=The USERTRUST Network cn=USERTrust RSA Certification Authority
c=GB st=Greater Manchester l=Salford o=Sectigo Limited cn=Sectigo RSA Extended Validation Secure Server CA
c=GB st=Greater Manchester l=Salford o=Sectigo Limited cn=Sectigo RSA Domain Validation Secure Server CA
If you test support.sectigo.com and canadagoose.com from ssllabs, you will see
And this is for proxies - I´m not installing a new signed certificate.
I´m running 12.5.5 on my T15´s and 12.6.2 on my M370´s. All the Comodo certificates is in the firebox trust store, but what missing is these:
c=US st=New Jersey l=Jersey City o=The USERTRUST Network cn=USERTrust RSA Certification Authority
c=GB st=Greater Manchester l=Salford o=Sectigo Limited cn=Sectigo RSA Extended Validation Secure Server CA
c=GB st=Greater Manchester l=Salford o=Sectigo Limited cn=Sectigo RSA Domain Validation Secure Server CA
If you test support.sectigo.com and canadagoose.com from ssllabs, you will see
And this is for proxies - I´m not installing a new signed certificate.
I´m running 12.5.5 on my T15´s and 12.6.2 on my M370´s. All the Comodo certificates is in the firebox trust store, but what missing is these:
c=US st=New Jersey l=Jersey City o=The USERTRUST Network cn=USERTrust RSA Certification Authority
c=GB st=Greater Manchester l=Salford o=Sectigo Limited cn=Sectigo RSA Extended Validation Secure Server CA
c=GB st=Greater Manchester l=Salford o=Sectigo Limited cn=Sectigo RSA Domain Validation Secure Server CA
If you test support.sectigo.com and canadagoose.com from ssllabs, you will see the above certificates is not in the trust store by default yet.
And this is for proxies - I´m not installing a new signed certificate.
Hi @RVilhelmsen
Sorry about that -- I was notified that your comments got marked as spam, and I asked they all be released. There might be multiples since it looks like you were posting a few times.
I'll look into the above and ask that they add the certs as needed to the firebox defaults.
Comments
If i go to either canadagoose.com or support.sectigo.com, i will get a certificate warning when using dpi, if i do not install the above certificates.
Also with canadagoose.com
Also with canadagoose.com website.
Hi @James_Carson
I´m running 12.5.5 on my T15´s and 12.6.2 on my M370´s. All the Comodo certificates is in the firebox trust store, but what missing is these:
USERTrust RSA Certification Authority
Sectigo RSA Extended Validation Secure Server CA
Sectigo RSA Domain Validation Secure Server CA
If you test support.sectigo.com and canadagoose.com from ssllabs, you will see
And this is for proxies - I´m not installing a new signed certificate.
Robert
Hi @James_Carson
I´m running 12.5.5 on my T15´s and 12.6.2 on my M370´s. All the Comodo certificates is in the firebox trust store, but what missing is these:
c=US st=New Jersey l=Jersey City o=The USERTRUST Network cn=USERTrust RSA Certification Authority
c=GB st=Greater Manchester l=Salford o=Sectigo Limited cn=Sectigo RSA Extended Validation Secure Server CA
c=GB st=Greater Manchester l=Salford o=Sectigo Limited cn=Sectigo RSA Domain Validation Secure Server CA
If you test support.sectigo.com and canadagoose.com from ssllabs, you will see
And this is for proxies - I´m not installing a new signed certificate.
Robert
Hi @James_Carson
I´m running 12.5.5 on my T15´s and 12.6.2 on my M370´s. All the Comodo certificates is in the firebox trust store, but what missing is these:
USERTrust RSA Certification Authority
Sectigo RSA Extended Validation Secure Server Sectigo RSA Domain Validation Secure Server CA
If you test support.sectigo.com and canadagoose.com from ssllabs, you will see
And this is for proxies - I´m not installing a new signed certificate.
Robert
Hi @James_Carson
I´m running 12.5.5 on my T15´s and 12.6.2 on my M370´s. All the Comodo certificates is in the firebox trust store, but what missing is these:
c=US st=New Jersey l=Jersey City o=The USERTRUST Network cn=USERTrust RSA Certification Authority
c=GB st=Greater Manchester l=Salford o=Sectigo Limited cn=Sectigo RSA Extended Validation Secure Server CA
c=GB st=Greater Manchester l=Salford o=Sectigo Limited cn=Sectigo RSA Domain Validation Secure Server CA
If you test support.sectigo.com and canadagoose.com from ssllabs, you will see
And this is for proxies - I´m not installing a new signed certificate.
Robert
Hi @James_Carson
I´m running 12.5.5 on my T15´s and 12.6.2 on my M370´s. All the Comodo certificates is in the firebox trust store, but what missing is these:
c=US st=New Jersey l=Jersey City o=The USERTRUST Network cn=USERTrust RSA Certification Authority
c=GB st=Greater Manchester l=Salford o=Sectigo Limited cn=Sectigo RSA Extended Validation Secure Server CA
c=GB st=Greater Manchester l=Salford o=Sectigo Limited cn=Sectigo RSA Domain Validation Secure Server CA
If you test support.sectigo.com and canadagoose.com from ssllabs, you will see
And this is for proxies - I´m not installing a new signed certificate.
Robert
Hi @James_Carson
I´m running 12.5.5 on my T15´s and 12.6.2 on my M370´s. All the Comodo certificates is in the firebox trust store, but what missing is these:
c=US st=New Jersey l=Jersey City o=The USERTRUST Network cn=USERTrust RSA Certification Authority
c=GB st=Greater Manchester l=Salford o=Sectigo Limited cn=Sectigo RSA Extended Validation Secure Server CA
c=GB st=Greater Manchester l=Salford o=Sectigo Limited cn=Sectigo RSA Domain Validation Secure Server CA
If you test support.sectigo.com and canadagoose.com from ssllabs, you will see
And this is for proxies - I´m not installing a new signed certificate.
Robert
Hi @James_Carson
I´m running 12.5.5 on my T15´s and 12.6.2 on my M370´s. All the Comodo certificates is in the firebox trust store, but what missing is these:
c=US st=New Jersey l=Jersey City o=The USERTRUST Network cn=USERTrust RSA Certification Authority
c=GB st=Greater Manchester l=Salford o=Sectigo Limited cn=Sectigo RSA Extended Validation Secure Server CA
c=GB st=Greater Manchester l=Salford o=Sectigo Limited cn=Sectigo RSA Domain Validation Secure Server CA
If you test support.sectigo.com and canadagoose.com from ssllabs, you will see the above certificates is not in the trust store by default yet.
And this is for proxies - I´m not installing a new signed certificate.
Robert
Hi @RVilhelmsen
Sorry about that -- I was notified that your comments got marked as spam, and I asked they all be released. There might be multiples since it looks like you were posting a few times.
I'll look into the above and ask that they add the certs as needed to the firebox defaults.
-James Carson
WatchGuard Customer Support