Bug fix:SG-24045の詳細について
Article ID: 218434
Updated On:
Products
Issue/Introduction
SGOS6.7.5.9のBug fix SG-24045はどのような問題ですか?
証明書のhostnameがincorrectになる条件は何ですか?
Environment
Release :6.7.5.9
Component :URL filtering
Resolution
証明書のCommon nameにワイルドカードが使われているサイトにアクセスすると事象が発生し、
x-rs-certificatehostname-categoriesがNoneとなってしまいます。
Additional Information
Policy traceを使った事象再現時のサンプルを掲載致します。
サンプルサイト、assets2.jiveon.comではCommon nameとして「*.jiveon.com」が設定されております。
不具合バージョンでは、x-rs-certificatehostname-categoriesに相当する箇所"server.certficate.hostname.category"がNoneとなってしまいます。
Bug fix前
================================================================================================
GET https://assets2.jiveon.com/core/2018.25.0.0.787d0e3/styles/jive-widgets.css
origin server next-hop IP address=104.79.147.62
User-Agent: libwww-perl/6.05
user: unauthenticated
authentication status='not_attempted' authorization status='not_attempted'
url.category: [email protected];Business/[email protected] Coat;Content Delivery [email protected] Coat
total categorization time: 2
static categorization time: 2
server.certficate.hostname.category: [email protected];[email protected] Coat
================================================================================================
Bug fix後
================================================================================================
GET https://assets2.jiveon.com/core/2018.25.0.0.787d0e3/styles/jive-widgets.css
origin server next-hop IP address=104.119.25.96
User-Agent: libwww-perl/6.05
user: unauthenticated
authentication status='not_attempted' authorization status='not_attempted'
url.category: [email protected];Business/[email protected] Coat;Content Delivery [email protected] Coat
total categorization time: 2
static categorization time: 2
server.certficate.hostname.category: [email protected];Business/[email protected] Coat;Technology/[email protected] Coat
================================================================================================
Attachments
Feedback
