I am using firewall rules to authenticate client with client certificates. It was working fine but from last day It stops working. Each time I request to my domain it blocks the user but user installed the client certificate on its system/browser.
Please let me know If somebody else is facing this issue as it start coming from last day, previously it was working fine with the same flow.
Looking for help.
If the firewall is blocking the user then I would check the firewall logs to see why you are being blocked.
So what I should do now? I tried different rules but nothing is working in my favour.
What are the firewall logs saying is the block reason?
It says firewall blocks due to this rule, although I created new certificate and tried with that but no luck. It stopped working on all clients machine. In attachment you can find out the firewall log.
We’re you trying to hit a host other than osintcenter.org or the supercp host when it was blocked? It doesn’t look like you were based on the data here, so I would expect it to be blocked based on the regex of the rule in place.
Yess I tried other one https://supercp.osintcenter.org/ but I got same response. Actually it was working fine earlier then it stopped working around 20 days ago. It doesn’t seems to browser issue. Almost 50+ clients had been generated they all stopped working at same time. If you think its due to regular expression then please suggest me what I should do?
The current regex says “if you are trying to hit either of these two hosts OR you don’t have a client certificate installed” block the request.
Unlikely this ever worked, if there was a regex which was working someone changed it and you should look at the audit log.
Perhaps using AND as the operator?
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.