Re: Can't Access Web Sites after applying SSL Policy
Is the certificate you are using for Firepower configured as a "certificate-issuing-certificate"?
This would need to be specified in the template used by the CA when signing the certificate it issues to the FMC. A standard web server certificate (even if the issuing CA is trusted) will not suffice to allow Firepower to masquerade as the destination site when proxying the SSL traffic.
Troubleshooting a failed ISE Upgrade Readiness Tool Assessment
About the Author
Richard Atkin is an Engineer at a Cisco Partner in the UK, specialising in ISE, WiFi & Prime... I'm also currently learning about APIs, Webhooks, AWS, (etc et...
Security Product and architecture introduction-NGFW portflio(8/6)