Bypass server certificate validation using the Edge SWG (ProxySG) Visual Policy Manager
search cancel

Bypass server certificate validation using the Edge SWG (ProxySG) Visual Policy Manager

book

Article ID: 166313

calendar_today

Updated On: 11-14-2023

Products

Advanced Secure Gateway Software - ASG ProxySG Software - SGOS

Issue/Introduction

When attempting to access HTTPS sites, an Edge SWG (ProxySG) returns "SSL untrusted issuer" message. This can occur if an Edge SWG (ProxySG) is unable to validate the web server certificate issuer.

Resolution

A workaround for this issue is to Add a rule within the Edge SWG (ProxySG) Visual Policy Manager to bypass or not perform server certificate validation for all sites or just one site.  

To Disable server certificate validation for all web sites in Explicit and Transparent proxy deployment:

  1. Launch the Visual Policy Manager
  2. Add SSL Access Layer
  3. Add a new rule
  4. Leave Source as Any
  5. Leave Destination as Any
  6. Right·click under Action column -> Set... -> New... -> Set Server Certificate Validation...
  7. Select Disable server certificate validation
  8. Click OK -> Install policy


To Disable server certificate validation for one website in Explicit and Transparent proxy mode:

  1. Launch the Visual Policy Manager
  2. Add SSL Access Layer
  3. Add a new rule
  4. Leave Source as Any
  5. Right·click under Destination column -> Set... -> New... -> Request URL...
  6. Type in the hostname of the website
  7. Click Add -> Click Close -> Click OK
  8. Right·click under Action column -> Set... -> New... -> Set Server Certificate Validation...
  9. Select Disable server certificate validation
  10. Click OK -> Install policy

 


 

 

 

Powered by Wolken Software