How to setup the SSL Preserve Untrusted Issuer feature in SGOS 6.3 ?


<< Back to Knowledge Search

Solution

Overview

The following Content Policy Language (CPL) demonstrates how to setup the Preserve Untrusted Issuer feature in SGOS 6.3 :


<SSL-Intercept>
    ssl.forward_proxy.preserve_untrusted(yes)
   
<SSL-Intercept>
    ssl.forward_proxy(https) ssl.forward_proxy.issuer_keyring(default)
 

You can also configure the Global Setting through the following CLI Commands :

SG210#config term
SG210#(config)ssl
SG210#(config ssl)proxy preserve-untrusted ?
 disable                      Do not preserve untrusted certificate issuer
 enable                       Preserve untrusted certificate issuer
SG210#(config ssl)proxy preserve-untrusted enable
SG210#(config ssl)exit
SG210#(config)exit
SG210#
 

Notes :

1. Replace the "default" keyring with the keyring you have configured for your SSL Forward Proxy.

2. For further information and explanations, please refer to the SGOS 6.3 Administration Guide.

Cause
Resolution
Workaround
Additional Information
Bug Number
InQuira Doc IdFAQ1773
Attachment

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      10/01/2014
Last Published      10/01/2014
Article Audience
Product      ProxySG
Software      SGOS 6.3, SGOS 6.4, SGOS 6.5
Topic      SSL / HTTPS
Article Number      000011374
Summary     
Was this helpful?
Comments:
 
Previous MonthNext Month
SunMonTueWedThuFriSat