How do I enable and capture the SSL proxy debug logs on the ProxySG?

book

Article ID: 166084

calendar_today

Updated On:

Products

ProxySG Software - SGOS Advanced Secure Gateway Software - ASG

Issue/Introduction

Follow these steps when instructed to do so by Proxy Technical Support.

How to Get a SSL Proxy Debug Log

  1. Navigate to the advanced HTTP console url: https://<ip.address.of.proxy>:8082/sslproxy/setdebugmask . Here you will need to specify exactly what you want traced. In most cases you will need to select all of the options if an SSLDebug Log has been requested from you.
  2. Go to the actual debug page at https://<ip.address.of.proxy>:8082/sslproxy/Debug, or simply follow the Display SSL Proxy Debug Info from the SetDebugMask console page.
  3. Clear the debug log and immediately reproduce the issue, once reproduced, refresh the /sslproxy/Debug console URL, and observe the HTTP debug trace that has been generated. 

Resolution

See the Example Output Below. 

6015.082 --- End Log [01/Oct/2009:23:14:19 +0800] ---
5928.033 --- End Log [01/Oct/2009:23:12:52 +0800] ---
4106.360 SSLW 96C52990 (2987C44): shutdown: SSL Worker previous state 3, error code 6, line 565
4106.360 SSLW 96C52990 (2987C44): Connect_to_server failed, reason=TE_CONNECT_ERROR_SOCKET_FAILURE
4101.360 SSLW 96C11990 (2987BD8): shutdown: SSL Worker previous state 3, error code 6, line 565
4101.360 SSLW 96C11990 (2987BD8): Connect_to_server failed, reason=TE_CONNECT_ERROR_SOCKET_FAILURE
4031.393 SSLW 96C52990 (2987C44): SSL Intercept URL: "ssl://10.105.13.19:443/"
4026.391 SSLW 96C11990 (2987BD8): SSL Intercept URL: "ssl://10.105.13.19:443/"
2267.826 SSLW 96C07990 (2987D88): shutdown: SSL Worker previous state 3, error code 6, line 565
2267.826 SSLW 96C07990 (2987D88): Connect_to_server failed, reason=TE_CONNECT_ERROR_LOOP_CONNECTION
2267.824 SSLW 96C07990 (2987D88): SSL Intercept URL: "ssl://10.105.13.18:443/"
2267.819 SSLW 96C07990 (2987D88): shutdown: SSL Worker previous state 3, error code 6, line 565
2267.819 SSLW 96C07990 (2987D88): Connect_to_server failed, reason=TE_CONNECT_ERROR_LOOP_CONNECTION
2267.818 SSLW 96C07990 (2987D88): Allocating external session cache for ctx 40C75220
2267.815 SSLW 96C07990 (2987D88): SSL Intercept URL: "ssl://10.105.13.18:443/"
0019.571 SSL-map Proprietor (297F4D8): Index for ctx extra data is 1

Additional Information

NOTE: If you wish to read these files on your own, they are read from the bottom, upwards.