A developer raised a ticket that he were unable to update packages from files.pythonhosted.org and several other related sites.
Doing some troubleshooting, the user were able to connect to the site, from outside the corp network.
We checked ASA for denies, FirePower for blocks and Umbrella for blocked DNS entries. Umbrella did not have a block for https://files.pythonhosted.org, and we were able to browse for the site. But packages did still fail.
Output from the update tool threw an error about "..unable to validate certificate..", so I checked that the client were able to connect to all AIA's in the certificate chain. Some AIA pointers failed, but the entire chain were vaild. But just to make sure I reconfigured the DNS to Google, and the update tool worked!
Back to Umbrella, no blocks for files.pythonhosted.org, but added the sites and the others to the global allow list and then it all worked.
The only thing that struck me, was that files.pythonhosted.org's certificate were issued by Umbrella!
If Umbrella blocks the site it will be redirected to Umbrella, that's why you probably see the Umbrella certification. Not sure why it would have been blocked, you have Log All or Log Only Security activated on the policy that was used?
We’re excited to announce new capabilities with Secure Endpoint that allow you to simplify your security and maximize your security operations: Unify your security stack and reduce agent fatigue with Cisco Secure Client; harness integrated risk-based vuln...
Listen: https://smarturl.it/CCRS8E47 Follow us: twitter.com/CiscoChampion
Ransomware, fileless malware, and zero-day attacks continue to target organizations around the world. In response, organizations have resorted to deploying a variety of di...
This is a general information page for Cisco Threat Centric (TC-NAC) with ISE
Threat Centric Network Access Control (TC-NAC) feature enables you to create authorization policies based on the threat and vulnerability attributes received from the th...
The 2021 IT Blog Awards, hosted by Cisco, is now open for submissions. Submit your blog, vlog or podcast today. For more information, including category details, the process, past winners and FAQs, check out: https://www.cisco.com/c/en/us/t...
Cisco Secure Endpoint (formerly AMP for Endpoints) will decommission legacy cloud servers, which results in Legacy Windows Connector Versions 3.x/4.x and Mac Connector Version 1.0.x ceasing to ...