In message <8c26a4fdae599041a13eb499117d3c286b396...@ex-mb-1.corp.atlasnetworks.us> someone claiming to be Nathan Eisenberg <nat...@atlasnetworks.us> typed:
>> I doubt it, why would the SSL cause problems unless you denied clients >> authentication, but why would you deny access to your own clients?!? > >You probably don't have the ability to sign valid certificates for >update.microsoft.com. With the ability to push root certificates out to machines it wouldn't be difficult to dummy up certificates that would pass muster. Of course just pushing the proper registry settings would be far easier than screwing around with any of that. >Since you're redirecting SSL traffic bound for >that destination, instead of telling the application to talk to the >right server, the common name is going to be wrong, and the SSL >handshake will fail. SSL certificates aside, while Windows Update and WSUS provide similar functionality the protocol isn't interchangeable and the functionality isn't identical. --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org