Announcement

**StrobeTech** · 06-02-2019, 12:41 AM

Dome sometimes suffers issues with speed on DNS resolution. Best thing to do is contact Support (domesupport@comodo.com) with you location and that things are going slow and they will work out which nodes your using and solve the issue.

The websites not displaying correctly will more that likely be due to CDN of the website being blocked.

We have added the most well known CDN systems to our whitelisted and this solves all the issues of pages displaying wrong.

**zenmsp** · 06-02-2019, 12:49 AM

The thing is that broken site issue seems to be quite random. The same site would have been working fine a couple of days beforehand.

**StrobeTech** · 06-02-2019, 12:58 AM

They could have added a CDN to the list due to a bad site or maybe you are blocking something that is related to a CDN.

If you look in the blocked logs it will show you that is more than likely a CSS file on a CDN

**Fred** · 06-02-2019, 02:18 AM

Good to know. I'm going to be testing this program this coming week.

**ozermetin** · 06-02-2019, 08:45 PM

As StrobeTech said it might be related with miscategorized CDN. Please send the list of the sites to domesupport@comodo.com with either some screenshots (better wit Developer tools Network tab ) or HAR file https://support.zendesk.com/hc/en-us...roubleshooting. We can identify and resolve the problem quickly.

Regarding the slowness, we are improving us a lot. As you can see https://www.dnsperf.com/#!dns-resolvers,North%20America (Shield is shown as NuSEC there) the response time is now much better than Google DNS. Time to time due to DDOS, server problems or maintenance, some regions might feel performance drops but it should be temporary.

**zenmsp** · 06-11-2019, 12:59 PM

ok it is the CDN that is the cause, however not because it is being blocked, but because it is causing an SSL error, which stop the resources from being loaded by the site.
example: just-eat.co.uk

Here is a screesnhot, showing the error that comes from one of the CDN resources
https://shots.screenr.co/screenr.html?id=YHJyO9383hle

When checking the SSL cert, the original SSL cert is being replaced by a comodo certificate, which is causing the error.

**StrobeTech** · 06-11-2019, 07:35 PM

Have you deployed the SSL of Dome to all your devices??

Doing this should solve the issue.

There is a script for this, but I cannot remember off the top of my head which one works as there are two of them for this.

ozermetin can you let us know which script installs the Comodo SSL to solve this?

**ozermetin** · 06-11-2019, 08:08 PM

yes that is because the site has served the content via https and since we are redirecting it to the block page, it reject our MITM certificate.
normally the agents installs the cert automatically. If you want to download the cert it is under block pages. If you are using ITSM
there is predefined procedure to install the cert to the agents. I have attached the screenshots here

**Jimmy** · 06-11-2019, 08:21 PM

ozermetin ,

Is this the same? https://scripts.itarian.com/frontend...horities-store

**ozermetin** · 06-11-2019, 09:11 PM

Originally posted by Jimmy View Post

ozermetin ,

Is this the same? https://scripts.itarian.com/frontend...horities-store

yes the same

**zenmsp** · 06-11-2019, 10:49 PM

Thanks for the info.... Shame that support did not know this was required, despite me sending a screencast and telling them 5-6 times that the cause was the ssl cert.

**zenmsp** · 06-11-2019, 10:57 PM

ozermetin you should update the dome setup guide, which is what I followed, as it does not mention having to install this root certificate.

Announcement

Sites broken when using Dome

Sites broken when using Dome

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment