Broken links and warnings accessing web isolated sites through WSS

book

Article ID: 211242

calendar_today

Updated On:

Products

Web Security Service - WSS

Issue/Introduction

Users accessing WSS using explicit access method

Customer also using email cloud service

Users receiving emails with embedded links in will have them encoded to use eu-west-email-isolation.prod.fire.glass e.g. https://eu-west-email-isolation.prod.fire.glass/?url=https%3A%2F%2Fpsimagazine.co.uk%2Freliance-high-tech-and-secure-logiq-form-partnership%2F%3Fgeneral_portal_token%3Da22d16c3a9c9d89990f743433ce9b82457e617447719cf96c7689135882b279f

When users click on link, they are presented with a warning about untrusted sites 

Clicking advanced view certificate shows that the certificate issues is WSS CA 

Imported trusted root to user machine and warning went away but blank page rendered

Visiting site directly it works e.g. https://psimagazine.co.uk/reliance-high-tech-and-secure-logiq-form-partnership/

 

Cause

Make sure that the isolation requirements defined at https://techdocs.broadcom.com/us/en/symantec-security-software/web-and-network-security/web-security-service/Help/Prevent_Malware_12/about_webiso_co.html are followed, specifically with TLS inspections and root certificate imports.

Resolution

Make sure that TLS/SSL inspection is enabled on WSS side, and that the WSS root certificates are pushed down to all clients.