Server requested client certificate - not supported
Hi
When our secuirty software, Heimdal security, tries to access their proxy system, i am getting this error:
pxy server requested client certificate - not supported
The browser certificate warning, i am getting is on *.heimdalsecurity.com which works fine during normal browsing, but when the software does some kind of inspection on dns/tls connections, we sometimes get this error presented.
Testing heimdalsecurity.com with fairssl shows:
rDNS (192.124.249.38): cloudproxy10038.sucuri.net.
So i added cloudproxy10038.sucuri.net to a https filter and now it works as expected as the wg proxy is not involved. I guess the server software demands the heimdal client to present a certificate which is not a supported feature by wg proxy or?
Regards
Robert
0
Sign In to comment.
Comments
Hi Robert,
It appears as if that software is trying to get the actual certificate and not the proxy authority certificate. If the proxy is set to inspect, it will not allow this. If your security software requires a connection that is not being inspected and resigned by the proxy, setting up an exception or packet filter would be valid ways to correct this.
-James Carson
WatchGuard Customer Support
@james.carson
Thanks, this make sense.