Seeing "Fail to convert id to name:SSLe:Host categorization [0x3a002902;code:2;sub:41] Invalid parameter" in SSL Visibility logs

book

Article ID: 169344

calendar_today

Updated On:

Products

SSL Visibility Appliance Software

Issue/Introduction

Messages file contains similar log entries:

ssldata[24638]: [W] Fail to convert id to name:SSLe:Host categorization [0x3a002902;code:2;sub:41] Invalid parameter 


In Policies --> Host Categorization Lists, "Enable Online Query" parameter is *checked* for Blue Coat DB provider:

User-added image

 

Cause

Blue Coat WebPulse service returned a Host categorization ID as a response to an Online Query, that could not be found in the downloaded Host categorization database.

Some URL categories are not visible to the end customer and hence are not a part of the Host categorization database regularly downloaded to the device. An example of such category could be "URL Redirector/Alias" that categorizes sessions pointing to URL redirectors:

https://sitereview.bluecoat.com/catdesc.jsp?catnum=104






 

Resolution

We might be able to closely identify such sessions by doing a SSL session log review.

Currently, there is no plan to address these categories by i.e. Host categorization DB extension. There are 2 options at the moment:

1) Disable Online Queries for Blue Coat DB provider
or
2) Ignore these warnings

Attachments