Knowledgebase
Safetica 9.1 blocking access to Google websites
Posted by Michael Skoupý, Last modified by Martin Imrich on 11 November 2019 08:29 AM

On November 6, 2019, Google has updated the SSL certificate they use for all their web services. The new certificates caused an incompatibility with Safetica, which resulted in blocked access to Google websites and services.

Technical note: Safetica follows strict security practice for certificate validation and the change caused Safetica to detect the new certificate as revoked, as Windows's built-in certificate validation could not correctly verify Online Certificate Status Protocol (OCSP) signing. Safetica therefore blocked this certificate and all associated network connections as the set standards were not validated.

To restore access to Google services for our customers, we have immediately released a new definition update that was automatically applied to all Safetica endpoints. This definition update disables Safetica’s network inspection on Google-owned domains, which may result in partial loss of Safetica DLP functionality, although the main web monitoring features are preserved.

A complete and permanent fix for this situation is included in the upcoming Safetica 9.3, which is scheduled for release during the next week (November 15, 2019 the latest). As usual with Safetica, the new version will be available as a download package at first, with an automatic update scheduled approx. 2 weeks after this date. Once we publish the Safetica 9.3, you can download it on this link: http://downloads.safetica.com/safetica_setup.exe.

In the meantime, we have also released an updated version of the current Safetica 9.1. Starting from Safetica build 9.1.135, all access to Google services as well as Safetica DLP features on these websites will be restored. Please note that there are two required actions to restore the functionality with this version (Safetica 9.1.135):

  • all endpoints in your network are updated to this version, and (do not proceed with removing the exceptions if all your endpoints are not updated to this version as these endpoints could not access Google websites)
  • Google-related exceptions are removed from Safetica Management Console - Maintenance - Integration settings - Trusted servers.
(0 vote(s))
Helpful
Not helpful