Cisco Bug: CSCvv66814 - Resign cert not changing from default after deploy
Oct 07, 2020
- Sourcefire Defense Center
Known Affected Releases
6.4.0 6.5.0 6.6.0 6.7.0
Symptom: SSL connections intercepted and decrypted by a Firepower device are re-encrypted using an incorrect SSL certificate authority. This incorrect certificate authority is one that was used on a previous version of the configured SSL policy.

Conditions: Firepower Threat Defense managed using Firepower Device Manager. SSL Decryption policy deployed. SSL Decryption policy contains one or more rules with Decrypt-Resign action. If the SSL policy is changed to use a different Certificate Authority to decrypt connections, and no other changes are made to the policy, the updated Certificate Authority may not be correctly used.
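One way to check for this symptom after a deploy is to verify the re-signed certificate a client receives against the CA that is now configured, with the system trust store excluded. The script below is an added example, not Cisco's code; the CA names, subjects, file names and function names are constructed for the demo, which builds an "old" and a "new" CA and a leaf signed by the old one.

```shell
#!/bin/sh
# Added example: confirm which CA signed a certificate re-signed by the decrypting device.
# All names, subjects and files below are constructed for the demo.

# check_resign_ca LEAF_PEM EXPECTED_CA_PEM
# Returns 0 only if LEAF_PEM chains to EXPECTED_CA_PEM; the system trust
# store is excluded so a stale CA installed there cannot mask the problem.
check_resign_ca() {
    openssl verify -no-CAfile -no-CApath -CAfile "$2" "$1" >/dev/null 2>&1
}

# make_ca DIR NAME: create a constructed self-signed CA (NAME.key / NAME.pem).
make_ca() {
    openssl req -x509 -config "$1/ca.cnf" -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=Constructed $2 Resign CA" \
        -keyout "$1/$2.key" -out "$1/$2.pem" 2>/dev/null
}

# build_demo DIR: an "old" and a "new" CA plus a leaf signed by the OLD one,
# which is what a client would receive while the defect is present.
build_demo() {
    cat > "$1/ca.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = placeholder
[v3_ca]
basicConstraints = critical,CA:TRUE
EOF
    make_ca "$1" old && make_ca "$1" new &&
    openssl req -new -config "$1/ca.cnf" -newkey rsa:2048 -nodes \
        -subj "/CN=www.example.test" \
        -keyout "$1/leaf.key" -out "$1/leaf.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/leaf.csr" -CA "$1/old.pem" -CAkey "$1/old.key" \
        -set_serial 1 -days 1 -out "$1/leaf.pem" 2>/dev/null
}

demo_dir=$(mktemp -d)
build_demo "$demo_dir"
if check_resign_ca "$demo_dir/leaf.pem" "$demo_dir/new.pem"; then
    echo "OK: leaf was re-signed by the newly configured CA"
else
    echo "MISMATCH: leaf was not issued by the newly configured CA"
fi
```

On a real deployment, save the certificate a client behind the device receives (for example with `openssl s_client -connect HOST:443 -servername HOST </dev/null | openssl x509 -out leaf.pem`) and pass it to `check_resign_ca` together with the CA currently selected in the SSL Decryption policy.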