SSL issues after upgrading to 6.2.8.1


<< Back to Knowledge Search

Technical Alert

Affected Products

All ProxySG platforms running SGOS 6.2.8.1.

 

Note: This issue has been fixed in SGOS 6.2.9.1.

Overview

The list of valid certificate authorities packaged in SGOS 6.2.8.1 is missing one of VeriSign's servers. Trying to access a website that uses a certificate signed by that server will cause the proxy to fail certificate validation and return an exception back to the user.

Status
Resolution
Workaround

The Certificate Authority can be manually added to the ProxySG's configuration file using the following instructions

1. Open the ProxySG's GUI and go to SSL / CA Certificates
2. Click on Import, name the certificate and Copy/Paste the certificate information below, making sure there are no extra spaces before or after the markers

Note : In SGOS 6.3, this Certificate Authority is named "VRSN_Class_3_Pub_Pri_Cert_Auth_G1" so Blue Coat recommends using that name as well
 

 

-----BEGIN CERTIFICATE-----
MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG
A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt
YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE
BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is
I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G
CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do
lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc
AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k
-----END CERTIFICATE-----

 

 

3. Click "OK", then "Apply"

 

4. Click on the "CA Certificate Lists" tab, pick "Browser-trusted", then click "Edit"

5. Pick the certificate you just created, click "Add", then click "OK"

6. Click "Apply"

Bug Number
InQuira Doc IdTFA95
Attachment

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      10/01/2014
Last Published      10/01/2014
Article Audience
Product      ProxySG
Topic      SSL / HTTPS
Article Number      000007612
Summary     
Was this helpful?
Comments:
 
Previous MonthNext Month
SunMonTueWedThuFriSat