Certificate for DNSWatchGO

Hi Guys,

When we install the DNSWatchGO client, everytime a block occurs we get a Certificate Error on the Browser.

Where can we download the DNSWatchGO Certificate Authoritity?

Should the client install the CA during the setup?

Thanks in advance

Comments

  • James_CarsonJames_Carson Moderator, WatchGuard Representative

    Hi @jmsoares91

    The CA that the block page you're seeing is signed by a public CA -- but it's not signed for the domain that your browser is looking for. There will always be a certificate error here, as there will be a cert name mismatch.

    Thank you,

    -James Carson
    WatchGuard Customer Support

  • @James_Carson said:
    Hi @jmsoares91

    The CA that the block page you're seeing is signed by a public CA -- but it's not signed for the domain that your browser is looking for. There will always be a certificate error here, as there will be a cert name mismatch.

    Thank you,

    Hi we used avast/zscaler dns before and the had a root CA and if installed we never gets a certificate error after a redirect to there black hole.

    Now I get a certificate error ever time a site is inspected by dns-watch

  • James_CarsonJames_Carson Moderator, WatchGuard Representative

    Hi @ConnectNow

    It'll be impossible for the blackhole server to predict what you typed in, so the cert will never match. If there was something like an application on each PC (like dnswatchGo), this may be possible -- but the blackhole server out on the internet itself will never know what it is. DNS resolution happens long before the request (by IP) gets to the blackhole.

    -James Carson
    WatchGuard Customer Support

Sign In to comment.