FAQ

How to setup the SSL Preserve Untrusted Issuer feature in SGOS 6.3 ?

FAQ ID:    FAQ1773
Version:    2.0
Status:    Published
Published date:    12/19/2011
Updated:    10/15/2013
 

Answer

The following Content Policy Language (CPL) demonstrates how to setup the Preserve Untrusted Issuer feature in SGOS 6.3 :


<SSL-Intercept>
    ssl.forward_proxy.preserve_untrusted(yes)
   
<SSL-Intercept>
    ssl.forward_proxy(https) ssl.forward_proxy.issuer_keyring(default)
 

You can also configure the Global Setting through the following CLI Commands :

SG210#config term
SG210#(config)ssl
SG210#(config ssl)proxy preserve-untrusted ?
 disable                      Do not preserve untrusted certificate issuer
 enable                       Preserve untrusted certificate issuer
SG210#(config ssl)proxy preserve-untrusted enable
SG210#(config ssl)exit
SG210#(config)exit
SG210#
 

Notes :

1. Replace the "default" keyring with the keyring you have configured for your SSL Forward Proxy.

2. For further information and explanations, please refer to the SGOS 6.3 Administration Guide.


Rate this Page

Please take a moment to complete this form to help us better serve you.

Did this document help answer your question?
 
 
If you are finished providing feedback, please click the RATE CONTENT button. Otherwise, please add more detail in the following text box and then click RATE CONTENT.
 
 

Your response will be used to improve our document content.

Ask a Question