X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT

[samidha]

Hello,
I am Getting an Error while trying to access my Internal Site https://testselfsignedcert.safesquid.local/ via SafeSquid proxy.
SafeSquid is displaying template :

SSL Connection to testselfsignedcert.safesquid.local:443 denied
X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: The passed Certificate is Self-Signed and the same certificate cannot be found in the list of trusted certificates][/quote

[samidha]

The passed certificate is self signed and the same certificate cannot be found in the list of trusted certificates.
You can verify the SSL certificate on your web server to make sure it is correctly installed, valid, trusted and doesn't give any errors to any of your users.
Use SSL Checker, simply enter your server's host name (must be public) in the box below and click the Check SSL button.
You should get warning

The certificate is self-signed. Users will receive a warning when accessing this site unless the certificate is manually added as a trusted certificate to their web browser. You can fix this error by buying a trusted SSL certificate

If you need an SSL certificate, check out the SSL Wizard.
You should tweet ....

[samidha]

In all the modern browsers " X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT" can be bypassed by just adding an exception when you visit the website.
But when such websites when you access via SafeSquid proxy, SafeSquid will directly blocked you without giving you access.

The Error Template will Displayed as shown and you cannot access the website

SSL Connection to testselfsignedcert.safesquid.local:443 denied
X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: The passed Certificate is Self-Signed and the same certificate cannot be found in the list of trusted certificates

image.png (33.59 KiB) Viewed 1959 times

The Error Template explains about the type of SSL Verification check that the particular website FAILED at.
The error that you see above tells that the certificate the site is using is a self-signed ssl certificate
Which can be created by anybody very easily
We do not allow users to access such kind of websites which compromise user’s data.
If this is an company approved website which is used by company for any kind of important use case and the company have setup an self signed SSL Certificate for security measures.
The above template will be seen when you access that site
In our case it is : https://testselfsignedcert.safesquid.local/

[samidha]

SafeSquid can bypass " X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT " this error by making a policy for SSL bypass. And you can successfully access your Internal Site https://testselfsignedcert.safesquid.local/
But we can not recommend that solution. Because SafeSquid is Secured web Gateway and it is against the policy of Web Security.