Symptom
Websites are showing untrusted certificates in browsers when navigating to sites using certificates not trusted by the current SSL Policy.
Certificates issuer is "Firepower Untrusted Issuer"
Conditions
SSL Policy with "Propagate untrusted server certificates to clients" enabled is deployed.
Snort 3 is enabled.
"Propagate untrusted server certificates to clients" setting is then disabled, and SSL policy deployed.
Workaround
Clear the ssl cache on the Firepower device:
> system support ssl-cache-clear all
Further Problem Description
Instead of disabling "Propagate untrusted server certificates to clients" the missing untrusted certificate authorities can be added to the policy configuration.
