URL cannot be displayed due to SSL server alert, Alert (Level: Warning, Description: Unrecognized Name) on the ProxySG Appliance

book

Article ID: 168248

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

Users can't browse a certain HTTPS URL, and get the following errors or similar.
  • IE: Internet Explorer cannot display the webpage
  • Chrome: This webpage is not available
  • Firefox: The connection was interrupted

Wireshark reports the issue as an "SSL Server Alert with Unrecognized Name" warning:
 
  Alert (Level: Warning, Description: Unrecognized Name)

Resolution

This issue has been fixed in SGOS 6.2.16.1, SGOS 6.4.6.3 and later.
This issue is not relevant in SGOS 6.5, since SSL code in 6.5 already contains the fix.

Workaround

In explicit deployment, this issue can be easily avoided by disabling protocol detection:
 
<Proxy>
url.domain=<URL> detect_protocol(none) ALLOW

In transparent proxy deployment, disabling protocol detection doesn't resolve the issue. Static bypass or TCP Tunnel proxy service are possible workarounds.