5

When I open twitter.com in my browser, I can see the SSL certificate is issued in the name of my company instead of twitter.com. What is this actually?

S.L. Barth
  • 5,486
  • 8
  • 38
  • 47
user1808556
  • 124
  • 5
  • 4
    It might be that your traffic are passing through your company's proxy where it is replacing the twitter certificate with its own certificate. Mitm attack works in same way but not sure your company is doing this for attack purpose. check http://security.stackexchange.com/questions/8145/does-https-prevent-man-in-the-middle-attacks-by-proxy-server – roguesecurity Mar 16 '16 at 09:15
  • 2
    Only `twitter.com`? If not, why not write this question so that it would relate to a broader audience? – techraf Mar 16 '16 at 10:58
  • If you see it for all sites, then it's exactly as @PiyushSaurabh has suggested, you are going through your company's proxy server. I'm 99.99% sure of this. – Brad Bouchard Mar 16 '16 at 16:31

1 Answers1

9

If for some or all SSL sites you're seeing the certificates as being issued by your employer, it's likely that they are using an SSL intercepting proxy (e.g. BlueCoat).

These systems are designed to allow the company to inspect traffic going over their Internet connection even when it is SSL encrypted. This can be done for purposes of malware scanning and/or content checking for things like content which breaches the company's Acceptable Use Policy.

Depending on your country of operation there may be restrictions on what they are allowed to legally intercept and you should also have been notified (likely when signing your employment documentation) that this connection would be monitored.

If you want to access Internet based resources without this risk, the best bet is to use a device that you own and operate yourself.

Rory McCune
  • 60,923
  • 14
  • 136
  • 217