In a network where many services are attempting to perform SSL inspection by installing their own self-signed certificates on client devices, I’ve encountered issues such as random hiccups, slowness, and certificate errors on the client side. How can I optimize this setup? Is it even advisable to allow so many applications and services to perform SSL inspection?
We don’t have the firewall doing any SSL inspection as it can cause so many issues. We do filtering via an app on the endpoint.
Thank you for your response. Aside from firewalls, many programs and agents that are installed on clients, such as antivirus software, DLP agents, and RMM agents, often install their own self-signed certificates to manage what the system does. When I remove these and leave only one active agent regardless of which one everything works fine with no errors. However, when all these agents are running at the same time, the system starts experiencing random hiccups, slowdowns, and certificate-related errors.