000031844 - Bluecoat SSL Visibility "Traffic between Google Chrome and Google services, such as Gmail, can no longer be decrypted by SSLV and result in an Invalid MAC error. "

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000031844
Applies ToRSA Product Set: Security Analytics
Platform: Bluecoat SSL Visibility
IssueTraffic between Google Chrome and Google services, such as Gmail, can no longer be decrypted by SSLV and result in an Invalid MAC error. 



The user sees the Chrome browser report This webpage is not available, with an ERR_CONNECTION_CLOSED message.



This issue affects both Windows and MAC versions of Chrome. Safari and Firefox do not appear to be affected.



 
CauseThis change in behavior is due to Google enabling new TLS extensions not supported by SSL v3, specifically signed_cert_timestamp and extended_master_secret
Resolution

  
The issue has now been addressed as part of the 3.8.6 release available on the BTO.

  
WorkaroundA cut-through rule should be added in the appliance's policy for *.google.com to allow for successful connections to Google services.
NotesBluecoat SSL visibility is used to decrypt encrypted traffic before it is sent to the packet decoder for capturing.
RSA used to sell the SSL visibility appliance to customers so we support issues that happen to the SSL Visibility. 

Attachments

    Outcomes