A device may receive a message, associated with establishing a secure session, including a first certificate chain associated with a server device. The device may generate a first certificate fingerprint associated with the first certificate chain and determine a policy identifier associated with a security policy on which the first certificate chain is to be validated. The device may identify a second certificate fingerprint associated with a second certificate chain that has been validated based on the security policy. The device may determine whether the first certificate fingerprint matches the second certificate fingerprint. The device may provide a stored interdicted certificate chain, associated with the second certificate chain, based on determining that the first certificate fingerprint matches the second certificate fingerprint, or provide a generated interdicted certificate chain, associated with the first certificate chain, based on determining that the first certificate fingerprint does not match the second certificate fingerprint.
展开▼
