SSL filtering works fine for everyone except Chromebooks
-
I just set up SSL filtering for our small school here using pfSense and Squid/Sguidguard. Last year, we were using Untangle in the same capacity, but I like pfSense better, so we made the switch over the summer. Everything has been working pretty well, but when I enable Man in the Middle Filtering, all of our Chromebooks have HTTPS errors when attempting to get to any website using SSL.
Our Windows 7 & Windows 10 PC's work fine with the cert installed, so it seems like our setup must be correct. But all of the Chromebooks have the following error on HTTPS sites:
Here are some pics of our setup. I've blurred out info specific to our site just in case, but "maincampus.ourwebsite.org" is our Common Name. I tried to keep that completely consistent across the board.
And here is a screenshot from the Certs settings in our Google Management Console:
When I go to the Chromebooks, into Settings - Certificate Manager, I can see the cert was pushed out:
Perplexed by all these issues, and after some research, I even added an A Record with our domin name host to point our Common Name ("maincampus.ourwebsite.org") back to our static IP address:
I never had to do that with the Untangle server running SSL filtering. I'm not sure if it would have any effect anyway.
Is there something obvious I'm missing?