https://community.cisco.com/t5/network-security/ssl-deep-packet-inspection/m-p/3028375#M135953 <P>Sometimes they use old technologies like SSLv3 instead of TLSv1.2 so so the proxies will refuse to connect to them.</P> Wed, 03 May 2017 05:03:15 GMT Philip D'Ath 2017-05-03T05:03:15Z https://community.cisco.com/t5/network-security/ssl-deep-packet-inspection/m-p/3028374#M135949 <P>Hello, I am running SSL deep packet inspection (proxying users SSL queries) via my firewall.</P> <P>I have noticed that some websites fail until I make an exception for them. I understand this is normally due to public key pinning (HPKP).</P> <P>However I have run numerous tests on these websites and they do not seem to be using public key pinning.</P> <P>What other reasons could there be for Deep Packet Inpsection failing on some HTTPS websites ?</P> <P></P> <P>Thank you.</P> Tue, 12 Mar 2019 09:18:33 GMT https://community.cisco.com/t5/network-security/ssl-deep-packet-inspection/m-p/3028374#M135949 tedauction 2019-03-12T09:18:33Z https://community.cisco.com/t5/network-security/ssl-deep-packet-inspection/m-p/3028375#M135953 <P>Sometimes they use old technologies like SSLv3 instead of TLSv1.2 so so the proxies will refuse to connect to them.</P> Wed, 03 May 2017 05:03:15 GMT https://community.cisco.com/t5/network-security/ssl-deep-packet-inspection/m-p/3028375#M135953 Philip D'Ath 2017-05-03T05:03:15Z