Users in your network might see a certificate warning when the Firebox blocks their connection to some websites or online services. There are multiple Firebox features that could result in a certificate warning:
If your Firebox is configured to use the HTTPS proxy with Content Inspection, users could see a certificate warning when they visit any site, whether or not the Firebox allows the connection. This occurs because the HTTPS proxy re-signs the server certificate.
To learn how to resolve certificate errors with the HTTPS proxy, see About the HTTPS Proxy
One common cause of certificate warnings is the Firebox Geolocation service. When Geolocation blocks user access to a service such as Office365, the Firebox redirects the user to a secure website that displays the deny message.
The domain name for the Firebox web server certificate does not match the domain name for the website, so the users will always see a certificate error for impacted sites.
To learn more about Geolocation, see About Geolocation.
If your Firebox is configured for DNSWatch, denied connections are redirected to your blackhole education page. The domain name for the blackhole page certificate does not match the domain name for the website, so the users will always see a certificate error for impacted sites.