Cisco Bug: CSCvu42363 - ECDSA signed server certificates aren't re-signed by RSA signed certificate authority
Jul 14, 2020
- Cisco Firepower Management Center
Known Affected Releases
6.2.3 6.3.0 6.4.0 6.5.0 6.6.0 6.7.0
Symptom: Browser navigation to a website using an ECDSA signed certificate fails occasionally. This will usually be on initial visits to the website, subsequent visits succeed, although traffic is not decrypted. Conditions: Firepower Threat Defense device configured with an SSL inspection policy. SSL Inspection policy configured to Decrypt-Resign traffic. Decrypt-Resign rules use an RSA signed certificate authority. Network clients visiting websites using ECDSA signed server certificates.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases