Unable to download or install a newer version of SGOS (CERT_EXPIRED)

book

Article ID: 167727

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

Unable to upgrade SGOS from the Blue Coat download link.
Error:  Unable to connect to the download site
The event log reports the following messages:

Server certificate validation failed: CERT_EXPIRED, Name in certificate: bto.bluecoat.com 0 310000:1 ../te_transaction.cpp:1219
Console agent unable to download new system image, unable to contact server https://bto.bluecoat.com, (error code 48) 30 60002:96 ../cag_image_downloader.cpp:60
 

Resolution

The date and time on the ProxySG are not correct.  Please set the correct time on the ProxySG. 

SSL certificates have dates and times in which those certificates are valid.  If the ProxySG's time is too far behind or too far into the future, then the SSL certificate for the BTO web site will fail.  To resolve the issue, please adjust the appliance's time to the actual time.

How to change the time via the Management Console/GUI:

1.)  Login to the Management Console (https://<ip.address.of.proxysg>:8082)
2.)  Go to the Configuration tab > General > Clock > Clock
3.)  In Current time, set the proper UTC time.  For this to work properly, you need to set the appropriate time zone.  NOTE:  If the date and time are greyed out, then you will need to uncheck Enable NTP further down the page.
4.)  Click on the Apply button to save your changes.

NOTE:  It is best to setup the proxy with an NTP server.  If the proxy is already configured for NTP, click on the Acquire UTC time button.  If the proxy is unable to reach an NTP server (firewall blocked), then manually adjust the time.