Description

An attempt to connect to a secured web site fails, returning Secure Connection Failed  error.

Comments

DeviceLock uses its own certificate to encrypt SSL traffic, while some web sites/applications can only work with a predefined certificate.

Recommendations

To resolve HTTPS site connection issues, it's IP address or host name must be added into SSL Protocol WhiteList.

Example:

Hosts may be specified in any of the following formats:

•DNS name (for example, company.com). You can use the asterisk (*) wildcard in DNS names (for example, *.company.com matches any server name that ends in .company.com).

•IPv4 address (for example, 12.13.14.15). You can specify a range of IPv4 addresses separated by a dash (-) (for example, 12.13.14.18-12.13.14.28). You can also specify the subnet mask for the IPv4 address using the following format: <IPv4 address>/<subnet mask width in bits> (for example, 3.4.5.6/16).

•IPv6 address, such as fe80:0000:0000:0000:0a2f:7e00:0004:533a, fe80:0:0:0:a2f:7e00:4:533a, or fe80::a2f:7e00:4:533a.

Multiple hosts must be separated by a comma (,) or semicolon (;). You can also press ENTER after each entry. You can specify multiple hosts in different formats described above (for example, www.microsoft.com; 12.13.14.15, 12.13.14.18-12.13.14.28).

In case of application-connection problems you need first to determine which Server the application is connecting to using TCP View tool:
http://technet.microsoft.com/en-us/sysinternals/bb897437

Some applications use various servers from the reserved IP range, making it difficult to setup the SSL White List.
In this case we recommend contacting  the application's support team to receive the complete list of IP addresses (ranges) in use.

*You can search the NetworkLock issues section of this Knowledge Base for the information on resolving of similar issues.