HTTPS proxy deny message

Dear all,

I have problems with Deny messages for HTTPS proxy policy. If a have the certificate installed on my computer. When my page is in WARN status, and inspection is turned on, I get a warning. but I can continue to site.
If I put DENY in weblocker, then nothing happens. DNS problem error.
Also OVERRIDE doesn't work. I've been spinning in circles for 16 hours. As the instructions say, yes, you can receive a message if your inspection is turned on and if you have a certificate installed. You can also enter an override password.
Ok, but I can't turn on the inspection if the override is turned on for the category and the status is deny..

How can I get a deny notification for https traffic and override message for denied sites in weblocker?
Everything is up to date. Firebox M290...

Thank you..


  • Options
    The deny needs to be from WebBlocker deny and not from something else such as from an Inspect domain name deny
  • Options

    Thank you. Yes, but I can't get deny message or override.. When I using only WebLocker and mark deny and override, I got only DNS problem in browser. Override is turned on and password is configured.. I see that there are questions about it, but I haven't found a solution. HTTP works, but HTTPS not..

  • Options

    Is the deny on the WebBlocker which is on the HTTP proxy action selected on your HTTPS proxy action?
    That is where it should be

  • Options

    Here's a picture, I really do not know.

  • Options

    I figure where is problem. I use the same webblocker policy on HTTPS and HTTP.. Very simple, but...

    Webblocker in HTTP and HTTPS needs to be different. One for inspect in HTTPS proxy policy, ono for deny in HTTP proxy policy..

    HTTP proxy

    • In webblocker deny everything if you want.

    HTTPS proxy

    • Put annother webblocker and turn on INSPECT for category that you wont to deny.
    • Proxy action must be with the same as in HTTP proxy (HTTP-Client.standard for me)

    And we need to have installed certificate on comp...

    Thank you Bruce one more time...

Sign In to comment.