How to Whitelist a domain for SSL bypass.

https://10.128.44.10/

Login: teamit      PW: Password Manager

Graphical user interface, application Description automatically generated

Choose HI_Global-6-4 (8)

Graphical user interface, application Description automatically generated

Choose Policy & Objects

Graphical user interface, table Description automatically generated

  1. Wildcard FQDN Addresses
  2. Create New, Wildcard FQDN

Graphical user interface, text, application Description automatically generated

Then OK

Graphical user interface, text, application, email Description automatically generated

Double click or edit “Corp SSL Inspection Full

Graphical user interface, application Description automatically generated

Scroll down to Addresses and click on first domain and “Select Entries” will appear to the right, start typing domain that you just added and select it and click OK then OK again at the bottom of the page.

Now to push these rules to the Fortigates.

Graphical user interface, text, application, chat or text message Description automatically generated

Choose Install Wizard.

Graphical user interface, text, application Description automatically generated

Select the Site you wish to push the Rules to. Either HIFORTIGATE-CL_corp or SYDFORTIGATE1 if unsure please check with Bruce. Rules should be pushed to Both Sydney and Island to keep them Synched.

Click Next and Next again at the Device view.

Text Description automatically generated

Click Install Preview, this will show the commands that are going to be pushed to the Fortigate, it should only show a few lines of commands with the domain in the list.

**If it shows more than expected and you are unsure that the commands match what you are trying to Whitelist please check with Bruce as at this stage you will be making changes to the Firewall.

Click Next to push rules.

Once 100% check access to the domain.