Operational Defect Database
BugZero found this defect 3247 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
WatchGuard Technologies | kA10H000000g3FgSAI
HTTPS Proxy with Deep Inspection enabled re-signs all certificates with SHA-1 hash
Last update date:
6/29/2015
Affected products:
Firebox M200
Firebox M300
Firebox M270
Firebox M370
Firebox M470
Firebox M570
Firebox M670
Firebox M290
Firebox M390
Firebox M400
Firebox M500
Firebox M440
Affected releases:
All
Fireware
11.x
11.10.x
11.10
11.10.1
11.10.2
11.10.3
11.10.4
Fixed releases:
All
Description:
Issue
When you browse to a website and your request is processed by the HTTPS proxy with Deep Inspection enabled, the site certificate is signed with SHA-1, instead of the hash for the site's certificate, such as SHA-256. As a result, some browsers will alert the user that the web session is insecure.
