I started getting the dreaded 516 Upstream CN Mismatch error this afternoon for a few users. It is odd because on the page itself, there is no SSL error. Checking the certificate itself, the CN matches fine. I re-installed the Umbrella root CA just in case, but still get the error.
The connection is "secure" according to the browser:
Found this help article https://support.umbrella.com/hc/en-us/articles/16794331853588-How-do-I-resolve-the-error-516-Upstrea... and the SAN matches as well:
I did turn intelligent proxy and ssl decryption off for a short while ~5 hours ago or so trying to diagnose a website issue, but other than that didn't make any changes. Am I missing something obvious here? I did re-download the root CA since re-enabling ssl decryption and imported it on the machine I'm testing on (and took the above screenshots from) and imported to the trusted root CA store, but I think the cert was the same.
