Wget not able to connect to ProxySG


Article ID: 169292


Updated On:


Asset Management Solution Data Center Security Monitoring Edition Advanced Secure Gateway Software - ASG ProxySG Software - SGOS


Wget is a program which can be used to fetch configuration and other data from the ProxySG via http and https.

Wget version below 1.16.1 is not able to establish a SSL connection to  SGOS 6.6.x.x but it is able to connect to SGOS 6.5.x.x


Wget 1.16.1 introduces TLSv1.1 and TLSv1.2 when establishing SSL connection to a HTTPS enabled site. Wget version below 1.16.1 has only TLSv1.0.

SGOS 6.6.x.x will disable TLSv1.0 by default as TLSv1.0 is vulnerable to POODLE attack.

SGOS 6.5.x.x has TLSv1.0 enabled by default. When Wget version below 1.16.1 connects to a ProxySG using SGOS 6.5.x.x it will connect via TLSv1.0 but when it tries to connect to SGOS 6.6.x.x, the SSL connection will fail as SGOS 6.6.x.x has disabled TLSx1.0.


There are two ways to resolve this
1. Upgrade Wget to any version above 1.16.1. These versions will have TLSv1.1 and TLS1.2 for connectivity.

2. Enable TLSv1.0 from the HTTPS-console. This is not recommended as the ProxySG will be vulnerable to PODDLE attack.