Google Chrome prompts for credentials using NTLM in transparent IWA (Direct/BCAAA) deployment with SSL interception
Last Updated May 13, 2017
Before applying the fix provided in this article, refer to:
KB article 000027763 to configure transparent authentication while doing SSL Interception with a Microsoft PKI
KB article KB3930 if you are using a self-signed certificate
This article was written using the following software for testing:
SGOS 220.127.116.11 and 18.104.22.168
Windows 2008 Enterprise Server SP2 PKI.
Google Chrome 52.0.2743.82 m
Google Chrome prompts for authentication credentials while the address bar in the browser displays the virtual URL used for authentication.
When the name of your ProxySG appliance must be within your Trusted Sites due to your network deployment structure, the default option for User Authentication in the Trusted Sites Security Settings is set to "Automatic logon only in Intranet zone", which excludes sites located in the Trusted Sites. Thus, the browser prompts for credentials.
Change the User Authentication mode in the Trusted Sites Security settings.
In Internet Options, select Security > Trusted Sites > Custom level > User Authentication - Logon.
Select Automatic logon with current user name and password.
Save the changes.
Imported Document ID: 000032029
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe