pfBlockerng-devel Certificate Error
-
Hello,
I am new here and I will try my best to explain correctly my problem, sorry for my english in advance.
I am using pfBlockerNG-devel 3.1.0 on pfSense, I would like to block some websites which are in my blacklist by showing a message like "yahoo is blocked", It works perfectly with HTTP but not with HTTPS (ERR_SSL_PROTOCOL_ERROR)
I would like to know if it is possible to redirect to another website like google (if the link is in HTTPS) or just show a message that he can't access to this web site instead of certificate error like in HTTP ?
This is what I want to show if the website is in the blacklist if the user try to access in HTTPS :
I already try to search everywhere but I didn't find a solution to my problem,
It's really important for me.
Thank you for your help,
-
@scop said in pfBlockerng-devel Certificate Error:
I would like to know if it is possible to redirect to another website like google (if the link is in HTTPS) or just show a message that he can't access to this web site instead of certificate error like in HTTP ?
There is not a way to do this. When a browser goes to an encrypted HTTPS site the first thing the browser is doing is verifying that the response is coming back from the server it intended to communicate with. It does this by verifying the security certificate of the server it communicates with. If the certificate matches the server it loads the page, if not, it will not load the page and will display the HTTPS (ERR_SSL_PROTOCOL_ERROR).
Because of that, if pfblocker attempts to serve up a an error page (classic MITM) the browser will not be able to verify the the page from pfblocker matches the security certificate of the intended server and the browser will block it.