HTTPS Interception Causes Issues with Some Amazon CloudFront Service Sites
Article ID: 168855
Asset Management SolutionData Center Security Monitoring EditionProxySG Software - SGOS
When the ProxySG appliance intercepts HTTPS, sites hosted by Amazon CloudFront service may not be accessible.
The ProxySG adds the "Cache-Control: max-stale=0" header when accessing URLs. When HTTPS traffic is intercepted, this header is added to that traffic. Some of the sites hosted by Amazon's CloudFront service return s 504 Gateway Time-out response, if the request contains "Cache-Control: max-stale=0".