Knowledge Center

Web Gateway "Verify Safe Signature Algorithms" rule skips the "Verify Common Name" rule set
Technical Articles ID:   KB87130
Last Modified:  12/20/2018


McAfee Web Gateway (MWG) 7.6.1.x,,


The default SSL Scanner policy in Web Gateway 7.6.1/ has introduced two new rules (Verify Safe Signature Algorithms and Block unsafe Signature Algorithms) for Certificate Verification. The rule Verify Safe Signature Algorithms stops the rule set and the Verify Common Name rule set is bypassed.
NOTE: This issue affects only installations of the three Web Gateway versions listed in the Environment field when using a default SSL Scanner rule set or if you import the SSL Scanner rule set from the Rule Set Library in the user interface. Systems that have been upgraded from previous versions are not affected.


The position of the Verify Safe Signature Algorithms rule is too early.


There are two possible solutions:
  • Import the fixed SSL Scanner rule set from the Online Rule Set Library:
    NOTE: If you have issues with the login, please send an email to service@mcafee.com.
  • Fix the rule set manually by moving the rules into a seperate rule set:
    NOTE: See the screenshot in the Attachment section of this article for an example of how the rule set should appear.
    1. Open the Web Gateway user interface.
    2. Click Policy, Rule Sets, SSL Scanner, Certificate Verification.
    3. Highlight the rule Verify Safe Signature Algorithms.
    4. Click Copy to copy the rule.
    5. Create a new Sub-Rule Set Verify Signature Algorithms.
    6. Paste the rule Verify Safe Signature Algorithms into the new rule set.
    7. Copy the rule Block unsafe Signature Algorithms and paste it immediately below the rule Verify Safe Signature Algorithms.
    8. Delete the two old rules from the Certificate Verification rule set.


SSL Scanner - Verify Safe Signature.pdf
57K • < 1 minute @ broadband

Rate this document

Glossary of Technical Terms

 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.