Users in your network are attempting to reach a website that has a self-signed certificate using a GRE tunnel to Netskope. They are currently being blocked by Netskope with an SSL error. How would you allow this traffic?
A.
Configure a Do Not Decrypt SSL Decryption rule to allow traffic to pass.
B.
Configure a Real-time Protection policy with the action set to Allow.
C.
Set the No SNI setting in Netskope to Bypass.
D.
Ensure that the users add the self-signed certificate to their local certificate store.
To allow traffic from a website with a self-signed certificate that is being blocked by Netskope with an SSL error, the correct action is to configure aDo Not Decrypt SSL Decryption rule. This rule will allow the traffic to pass without being decrypted, thus bypassing the SSL error caused by the self-signed certificate.This is a common practice for handling traffic from trusted internal applications or specific external sites that use self-signed certificates1.
[: The Netskope Community Forum discusses the application of exceptions for sites with self-signed certificates and the use of SSL decryption policies to bypass the blocking1.Additionally, the Netskope Knowledge Portal provides information on managing error settings and configuring SSL decryption rules2., ]
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit