WatchGuard Support Center

Knowledge Base - Article

000012456
Causes for certificate warnings when Firebox denies access to remote sites

Information
Users in your network might see a certificate warning when the Firebox blocks their connection to some websites or online services. Several Firebox features can cause a certificate warning:

HTTPS Proxy
If your Firebox is configured to use the HTTPS proxy with Content Inspection, users could see a certificate warning when they visit any site, whether or not the Firebox allows the connection. This occurs because the HTTPS proxy re-signs the server certificate.
To learn how to resolve certificate errors with the HTTPS proxy, see About the HTTPS Proxy.


Geolocation
One common cause of certificate warnings is the Firebox Geolocation service. When Geolocation blocks user access to a service such as Office365, the Firebox redirects the user to a secure website that displays the deny message.
The domain name for the Firebox web server certificate does not match the domain name for the website, so users always see a certificate error for affected sites.
To learn more about Geolocation, see About Geolocation.

DNSWatch

If your Firebox is configured for DNSWatch, denied connections are redirected to your blackhole education page. The domain name for the blackhole page certificate does not match the domain name for the website, so users always see a certificate error for affected sites.
To learn more about DNSWatch, see About WatchGuard DNSWatch.
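
The following triage helper is an added example, not WatchGuard code. It separates the two kinds of warning described above: a certificate whose names do not cover the requested site (Geolocation or DNSWatch deny page) and a certificate that names the site but is not trusted by the client (HTTPS proxy re-signing). The certificate dictionaries use the shape of Python's ssl.SSLSocket.getpeercert(); all host names, certificate contents and the chain_trusted flag (the client's own chain validation result) are constructed assumptions.

```python
"""Triage a certificate warning seen behind a Firebox (added example)."""

# Constructed sample: certificate served with a deny or blackhole page.
DENY_PAGE_CERT = {
    "subject": ((("commonName", "firebox.example.internal"),),),
    "issuer": ((("commonName", "firebox.example.internal"),),),
}
# Constructed sample: site certificate re-signed by a content inspection CA.
RESIGNED_CERT = {
    "subject": ((("commonName", "www.example.com"),),),
    "issuer": ((("commonName", "Constructed Proxy CA"),),),
    "subjectAltName": (("DNS", "www.example.com"), ("DNS", "*.example.com")),
}

CAUSES = {
    "name-mismatch": "Certificate is for another host: deny page redirect "
                     "(Geolocation or DNSWatch).",
    "untrusted-issuer": "Names match but the issuer is not trusted by the "
                        "client: HTTPS proxy re-signed the certificate.",
    "ok": "Names match and the chain is trusted: no warning expected.",
}

def dns_names(cert):
    """DNS names the certificate covers: SAN entries, else the subject CN."""
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if sans:
        return sans
    return [v for rdn in cert.get("subject", ())
            for k, v in rdn if k == "commonName"]

def name_matches(hostname, pattern):
    """Case-insensitive match; '*' may stand only for the leftmost label."""
    host = hostname.lower().rstrip(".").split(".")
    pat = pattern.lower().rstrip(".").split(".")
    if len(host) != len(pat):
        return False
    if pat[0] == "*":
        # Refuse overly broad patterns such as '*.com'.
        return len(pat) > 2 and host[1:] == pat[1:]
    return host == pat

def triage(hostname, cert, chain_trusted):
    """Return a key of CAUSES for the site the user asked for."""
    if not any(name_matches(hostname, n) for n in dns_names(cert)):
        return "name-mismatch"
    return "ok" if chain_trusted else "untrusted-issuer"
```

The name check runs first because a deny page certificate fails it whether or not the client trusts its issuer.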