Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 16 replies
  • Subscribers 1 subscriber
  • Views 3790 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

ASG v8.1 Transparent Mode with Auth does not check "Skip certificate checks"

Ralf-vie
Hello ! 

Just updated my ASG to v8.1:

I use for one network http and https Transparent Mode with Authentication (Scan HTTPS (SSL) traffic enabled !). 

If I try to access a https website located in the "Skip certificate checks" list within the https Exception-page, I get following error: 

...exceptions="" error="Failed to verify server certificate"

If try the same webpage with standard mode everything works fine. 

Please help & kind regards 

Ralf


This thread was automatically locked due to age.
Parents
  • 0
    Sorry, I don't have the issue any more. Talking about things often helps. Error was on the server's side.
  • 0 in reply to steffenkoelsch
    Attempting to access the Cisco Netacad page and it does not work while HTTPS Scanning is enabled. Go to site here and click login on the right hand side. Page times out with no message from Astaro to the client and the server has the following in logs: 

    2011:04:06-00:28:46 gateway httpproxy[5796]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0x95524e8" function="ssl_connect" file="ssl.c" line="1015" message="ssl_handshake: Connection reset by peer"


    2011:04:06-00:23:53 gateway httpproxy[5796]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="" srcip="192.168.188.2" dstip="" user="" statuscode="502" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction=" ()" size="0" time="0 ms" request="0x9409628" url="72.163.6.223" exceptions="" error="Failed to verify server certificate"


    Running:
    Firmware version: 8.102
    Pattern version: 21650
Reply
  • 0 in reply to steffenkoelsch
    Attempting to access the Cisco Netacad page and it does not work while HTTPS Scanning is enabled. Go to site here and click login on the right hand side. Page times out with no message from Astaro to the client and the server has the following in logs: 

    2011:04:06-00:28:46 gateway httpproxy[5796]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0x95524e8" function="ssl_connect" file="ssl.c" line="1015" message="ssl_handshake: Connection reset by peer"


    2011:04:06-00:23:53 gateway httpproxy[5796]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="" srcip="192.168.188.2" dstip="" user="" statuscode="502" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction=" ()" size="0" time="0 ms" request="0x9409628" url="72.163.6.223" exceptions="" error="Failed to verify server certificate"


    Running:
    Firmware version: 8.102
    Pattern version: 21650
Children
No Data
Cookie Information Banner