This article shares steps to follow to take a full backup of the Symantec ProxySG and Advanced Secure Gateway (ASG) configuration and policy by using SSH-Console. This will have all the configuration except for private keys which are set to "Hidden".
IMPORTANT: Because the configuration archive contains your private keys, store it in a secure location. This will only display private keys of Keyrings which are set to "Show". Private keys which are set to "hidden" will not be displayed in backup.
Note: If you are running version 7.x, the above command will not work, it has been removed. In version 7.x, the Workaround is to set security private-key-display unencrypted option in config mode before running show configuration expanded noprompts command. After set that option you can see configuration output with keyring information.
Blue Coat#configure terminal
Blue Coat#(config)security private-key-display unencrypted
Blue Coat#show configuration expanded noprompts
The expanded configuration will be written to the file you specified in step 1; this may take some time depending on the size of your configuration. This copies the entire configuration as well as the security keyrings (both private and public keys), unencrypted.
IMPORTANT: Make sure that no ccl name starts with "bluecoat"; this is not allowed. If a ccl starting with "bluecoat" is found, identify the related section and remove it. Below is a common example of lines to be removed from the backup: