FNMT digital certificate signature

Hi,

I want to be able to sign digitally through the browser with a certificate from the FNMT, but when I change the action to inspect in the domain name rules, the certificate does not work.
It is as if the personal certificate was not installed on the computer.

This is the test website:
https://www.sede.fnmt.gob.es/certificados/persona-fisica/verificar-estado/solicitar-verificacion

Adjunto imagen
https://us.v-cdn.net/6029905/uploads/editor/wt/i2xmr2kzjtls.png

Comments

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @Juanmax

    The firewall will unpack, inspect, and resign traffic that is passed thru the https proxy with inspection enabled. This is likely going to break your signing process, as the upstream service won't trust the cert it sees being presented.

    I would suggest using the content inspection exceptions in the HTTPS proxy in order to ALLOW this site, vice inspect.

    This will allow everything else to be inspected, but for you to interact with that specific site without inspection:

    -James Carson
    WatchGuard Customer Support

  • Hello

    I have tried the instructions that you indicated in the previous post, but it keeps failing and still the same result.

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @Juanmax
    I'd suggest creating a support case -- if we're matching that exception, traffic should be passed without being inspected and passed directly to the remote server.

    -James Carson
    WatchGuard Customer Support

Sign In to comment.