ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Browser return untrusted server certificate error when browsing through Web Isolation Cloud with WSS forwarding to tenant.

book

Article ID: 237110

calendar_today

Updated On:

Products

Web Isolation Cloud

Issue/Introduction

As of this writing, certificate with "isolation.wss.prod.fire.glass" will automatically be deployed into any dedicated Web Isolation tenant having Web Security Service (WSS) forwarding. This is needed to establish trust between WSS and Web Isolation Cloud dedicated tenant. The certificate is used to emulate server certificate when Web Isolation intercepts traffic hence you are seeing the certificate returned to the client browser. 

 

 

 

Cause

The "isolation.wss.prod.fire.glass" certificate is issued by the "BlueCoat Systems, Inc. Cloud Services CA - G2" Subordinate CA certificate.

The "BlueCoat Systems, Inc. Cloud Services CA - G2" is signed by "Bluecoat Systems, Inc. Cloud Services Root CA". 

So all these certificate needs to be installed and trusted by client browsing directly to the dedicated Web Isolation Cloud.

Resolution

Install the attached certificates to the "Trusted Root Authorities" of the browser/client machine to resolve the error. 

Attachments

1647470450884__Isolation_WSS.cer get_app
1647470396092__Cloud_service_Root_CA.cer get_app
1647470382709__Cloud_service _CA-G2.cer get_app