Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
636
Views
0
Helpful
2
Replies

FirePower HTTPS URL Filerting

Go to solution
istewart11
Level 1
Level 1

‎04-20-2018 07:49 AM - edited ‎02-21-2020 07:39 AM

Hello,

 

from what I've read to do HTTPS url object filtering Cisco FirePower will check the Certificate CN name, will it also check the SAN entries?

 

Just wondering how it will work with a singel CN name and multiple SAN names on a cert used across multiple web sites.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marius Gunnerud
VIP
VIP

‎04-20-2018 11:59 AM

no it does not check the subdomains listed in the certificate, so do not use subdomains when creating the HTTPS filter.  Instead use company.com (and not www.company.com).  In this case the filter will match the entire host name including subdomains.

--
Please remember to select a correct answer and rate helpful posts

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Marius Gunnerud
VIP
VIP

‎04-20-2018 11:59 AM

no it does not check the subdomains listed in the certificate, so do not use subdomains when creating the HTTPS filter.  Instead use company.com (and not www.company.com).  In this case the filter will match the entire host name including subdomains.

--
Please remember to select a correct answer and rate helpful posts
0 Helpful

Go to solution
istewart11
Level 1
Level 1
In response to Marius Gunnerud

‎04-25-2018 01:41 AM

Thanks for clarification 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card