Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SSL certificate "Common Name" URL filtering

    Scheduled Pinned Locked Moved pfSense Packages
    1 Posts 1 Posters 991 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kathampy
      last edited by

      Is this possible on pfSense? Most commercial appliances perform HTTPS URL filtering by inspecting the "Common Name" field in the certificate during the SSL handshake. If the domain is blocked, they return a self-signed certificate followed by the "URL Blocked" page. The client will see a certificate error, but the page is successfully blocked. If the domain is allowed, the SSL handshake resumes normally with the original certificate sent directly to the client.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.