Unable to access HTTPS or HTTP pages after upgrading to SGOS,, or

<< Back to Knowledge Search



After upgrading to,, or, you are unable to access HTTPS or HTTP

Policy trace shows: EXCEPTION(content_encoding_error): Unknown content encoding

PCAP shows no response from the proxy, or a FIN/ACK after the SSL 'client hello'

Results may vary depending on policy conditions and deployment type, but essentially if you see 'content_encoding_error' in a policy trace while accessing HTTPS or HTTP pages or applications which use HTTPS or HTTP, this KB discusses the cause and resolution.


A new bug has been introduce in,, or in relation to using the following CPL policy condition/actions:

http.response.apparent_data_type=(executable,cabinet), detect_protocol(none), or detect_protocol.ssl(no)

If you are using this policy in an explicit deployment under,, or, then HTTPS or HTTP pages may be inaccessible.


This policy is also automatically created when enabling 'Malware scanning' under:

Configuration--> Threat Protection --> Malware scanning.


Possible work-arounds to the problem are:

1) Upgrade to SGOS

1) Remove any apparent data type policies

2) Disable Malware scanning

3) Revert back to a previous version of SGOS 

4) Enable protocol detection for affected sites (sites that require protocol detection to be disabled may still fail)

This has been raised internally under bug :

Bug 175814 - cannot access HTTPS sites with http.response.apparent_data_type policy under explicit deployment.

This bug has been fixed and is expected to be included in the next GA release of each affected SGOS branch (no ETA at this time).


Additional Information
Bug Number
InQuira Doc IdKB5071

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      10/01/2014
Last Published      10/01/2014
Article Audience
Product      ProxySG
Software      SGOS 5.5, SGOS 6.2
Article Number      000014189
Was this helpful?
Previous MonthNext Month