[VoiceOps] PSA - Hosting SHAKEN cert behind Cloudflare

Jared Geiger compuwizz at gmail.com
Sat Jul 15 21:53:39 EDT 2023


We were notified that some validators were unable to pull our cert which is
hosted behind Cloudflare.

I believe the fix is to create a WAF rule to match when the  User Agent
contains "Java/1.8.0" and then choose the Skip action.

Please share if anyone has any better tips for WAF rules for this scenario.

I was seeing Bandwidth, TransUnion, and Level3 getting blocked.

TransUnion gave me the heads up and mentioned they saw it with other
carriers lately also.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/voiceops/attachments/20230715/e3692284/attachment.htm>


More information about the VoiceOps mailing list