search cancel

Warning: WSS SSL intercept certificate was NOT found on Mac

book

Article ID: 254964

calendar_today

Updated On:

Products

Endpoint Protection Endpoint Security Cloud Secure Web Gateway - Cloud SWG

Issue/Introduction

When using Web and Cloud Access protection on SEP 14.3 RU6 and above you may see the following error after installing the SEP client:

WSSNS Status: Connected
Warning: UDP connection to GSGRS failed (26)
Warning: WSS SSL Intercept certificate was NOT found

Environment

WSS
Web and Cloud Access Protection
macOS
SEP 14.3 RU6

Cause

The root certificate that allows SSL traffic to be inspected in the cloud is missing from the operating system's trusted keystore. 

In previous versions of macOS, 3rd parties were able to silently install certificates. From the support of SEP 14.3 RU6 (minimum macOS v13 Ventura), certificates can no longer be silently installed.

Resolution

The requirement of the root certificate and installation is detailed in TechDocs:
https://techdocs.broadcom.com/us/en/symantec-security-software/web-and-network-security/web-security-service/help/about_ssl_co/ssl_certs.html

Depending on previous installation and upgrade paths, Mac clients  may have already installed the SSL root certificate, but Administrators need to control distribution to the root certificate using MDM or Group Policy with the requirement that the root certificate must be deployed.