After configuring the decryption settings, I confirmed that everything was functioning correctly.
However, I noticed that the system logs continuously displayed the message: “Reverse proxy key for server’s certificate is not found.”
Upon investigation, I discovered that this message can occur when the domain information does not match the certificate.
Information used in my decryption setup:
• 1 certificate
• 3 domains (only the subdomains differ) = 3 IP addresses
To resolve this issue, I needed to define the destination information using URL formats instead of IP addresses. To achieve this, I created a custom URL category.
Then, I modified the policy.
My decryption policy settings before the change:
• Source: any
• Destination: 1.1.1.1, 1.1.1.2, 1.1.1.3
My decryption policy settings after the change:
• Source: any
• Destination: any (with custom URL filtering)
After making these changes, everything is functioning properly, and the error no longer occurs.
I found the solution quickly, but I thought it would be helpful to provide a clearer explanation, so I’m writing this post.