How to setup the SSL Preserve Untrusted Issuer feature in SGOS 6.3 ?

Solution

Overview

The following Content Policy Language (CPL) demonstrates how to setup the Preserve Untrusted Issuer feature in SGOS 6.3 :


<SSL-Intercept>
    ssl.forward_proxy.preserve_untrusted(yes)
   
<SSL-Intercept>
    ssl.forward_proxy(https) ssl.forward_proxy.issuer_keyring(default)
 

You can also configure the Global Setting through the following CLI Commands :

SG210#config term
SG210#(config)ssl
SG210#(config ssl)proxy preserve-untrusted ?
 disable                      Do not preserve untrusted certificate issuer
 enable                       Preserve untrusted certificate issuer
SG210#(config ssl)proxy preserve-untrusted enable
SG210#(config ssl)exit
SG210#(config)exit
SG210#
 

Notes :

1. Replace the "default" keyring with the keyring you have configured for your SSL Forward Proxy.

2. For further information and explanations, please refer to the SGOS 6.3 Administration Guide.

Cause
Resolution
Workaround
Additional Information
Bug Number
InQuira Doc IdFAQ1773
Attachment

Article Feedback

Did this Article solve your issue?
Additional Comments:
 
Previous MonthNext Month
SunMonTueWedThuFriSat