How do you prevent untrusted certificate errors when not using SSL?

FAQ ID:    FAQ2252
Version:    3.0
Status:    Published
Published date:   
Updated:    01/14/2014


If a ProxySG is configured to be both a forward and a reverse proxy, and SSL intercept is not being used, it is possible to see the untrusted certificate errors when the forward proxy accesses a HTTPS site. 

Even though SSL intercept is not being used, if a reverse proxy is configured, the SSL component of SGOS is active and can detect an untrusted certificate. 

In order to prevent this error, an SSL Access layer can be added, with a rule to prevent server certificate checking. It is not necessary to have an SSL Intercept layer.

To complete this action:

  1. From Policy > Add SSL Access Layer
  2. Right Click the Action value and select Set
  3. Select NewSet Server Certificate Validation
  4. Select Disable server certificate validation > Select OK > Select OK
  5. Select Install policy


Rate this Page

Please take a moment to complete this form to help us better serve you.

Did this document help answer your question?
If you are finished providing feedback, please click the RATE CONTENT button. Otherwise, please add more detail in the following text box and then click RATE CONTENT.

Your response will be used to improve our document content.

Ask a Question