Managing the SSL client on the ProxySG

book

Article ID: 166705

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

You want  set up the SSL client configuration so that you can use the ProxySG as an SSL client.

Resolution

Only one SSL client can be created on a ProxySG. Creation of the SSL client means that for every HTTPS connection to the destination server, the ProxySG picks the parameters needed for negotiating the SSL connection from the SSL-client configuration. Thus, multiple SSL connections to different HTTPS destination servers can be supported with a single SSL-client configuration. This is similar to a browser where one configuration is used to negotiate multiple connections with different hosts.

If you feel that you need to create a new SSL client, you can only do this through the CLI, and the existing SSL client must be deleted first.

If you just need to change the protocol, the cipher suites, or the keyring associated with the SSL client, you do not need to recreate the client.

Please note that the items discussed below are contained in the Configuration and Management Guide (CMG) or Administration Guide for the version of SGOS you are running in your environment.  The document can be downloaded from https://bto.bluecoat.com/ .

For SGOS 4.x, if you wish to change the cipher suites and keyring on an SSL client, please see Section C: Managing the SSL Client, Chapter 7: Using Secure Services in the SGOS 4.x CMG.

For SGOS 5.x, if you wish to change the cipher suites and keyring on an SSL client, please see Appendix C: Managing SSL Traffic; of Volume 4: Securing the Blue Coat ProxySG of the SGOS 5.x CMG.

For SGOS 6.x, if you wish to change the cipher suites and keyring on an SSL client, please see: Managing SSL Traffic; chapter 60: Securing the Blue Coat ProxySG in the SGOS 6.x Administration Guide.