• Browser Certificate Warning When Visiting HTTPS Websites If Web Gateway Is Using The SSL Scanner With Content Inspection

    Source: kc.mcafee.com

    Technical Articles ID:   KB86362



    McAfee Web Gateway (MWG) 7.x



    The web browser displays a certificate warning when visiting HTTPS websites. This issue occurs if Web Gateway is using the SSL Scanner with content inspection enabled. The certificate warning message varies based on the web browser:

    Mozilla Firefox will block the website and display the warning message: "The certificate is not trusted because it was signed using a signature algorithm that was disabled because that algorithm is not secure."

    Google Chrome will allow the website, but will display the warning message: "The certificate for this site expires in 2017 or later, and the certificate chain contains a certificate signed using SHA-1."



    Starting January 1, 2016, most web browsers are phasing out trust of certificates signed using SHA-1. Any certificates signed using SHA-1 after January 1, 2016 will be untrusted in some way (it varies based on the web browser), but certificates signed before that date will still be accepted.

    Mozilla Firefox announcement: https://blog.mozilla.org/security/2015/10/20/continuing-to-phase-out-sha-1-certificates/

    Google Chrome announcement: http://blog.chromium.org/2014/09/gradually-sunsetting-sha-1.html

    Microsoft announcement: http://social.technet.microsoft.com/wiki/contents/articles/32288.windows-enforcement-of-authenticode-code-signing-and-timestamping.aspx

    Web Gateway will issue certificates for websites that are SSL scanned, so the signing date will be after January 1, 2016.



    Ensure that Web Gateway does not use SHA-1 in the SSL scanning settings (use SHA-256 instead). If you migrated from older Web Gateway versions to newer Web Gateway versions, this setting will not be updated automatically.

    Log on to the Web Gateway user interface.

    Navigate to Policy, Settings, Engines, SSL Client Context with CA.

    For all of the settings containers for SSL Client Context with CA:

    From the Digest drop-down menu, select sha256.

    From the RSA server key size drop-down menu, select 2048.

    In addition, if the Certificate Authority (CA) used in Web Gateway was signed using SHA-1, you should consider replacing it soon. 

    Currently web browsers will display a warning only if the web server certificate is signed using SHA-1. 

    However, the same issue may happen eventually for CA certificates signed using SHA-1.



  • McAfee Web Gateway

  • McAfee Web Gateway 7.4.0 User Manual

    Download the user manual here.

  • Sending Syslog from McAfee Web Gateway

    Source: https://community.mcafee.com/community/business/email_web/webgateway

    Create the syslog rule set under

    Policy > Log Handler > Default > Access Log

    Name: Syslog


    Rule Criteria: Always

    Action: Continue

    Events: Syslog (6, User-Defined.logLine)

    Configuration > Node > rsyslog.conf



    Adding a - sign in front of it prevents the log from being written to disk.

    To send the log to the syslog server over UDP port 514, enter

    daemon.info @Your Syslog Server IP:514

    and save.

    If syslog is to be sent over TCP instead of UDP:

    daemon.info @@Your Syslog Server IP:514




    daemon.info @xxx.xxx.xxx.xxx:514


  • McAfee Web Gateway All Session Restart


    To terminate and refresh user sessions on the McAfee Web Gateway UI, run the following commands over SSH:

    cd /etc/init.d

    service mwg restart



  • McAfee Web Gateway UI Session Restart

    To terminate and refresh user sessions on the McAfee Web Gateway UI, run the following commands over SSH:

    cd /etc/init.d

    ./mwg-ui restart