Update the Edge SWG Trust Package in a Closed Environment with Management Center
search cancel

Update the Edge SWG Trust Package in a Closed Environment with Management Center

book

Article ID: 226728

calendar_today

Updated On:

Products

ProxySG Software - SGOS ISG Proxy Management Center

Issue/Introduction

You can host the trust package file on Management Center (MC) if you have an Edge SWG (formerly ProxySG) device in a closed network or if it is having issues downloading the trust package directly such as:

 

Resolution

The trust package must be available by HTTP not HTTPS. Enable HTTP on the MC appliance temporarily to host the trust package then disable it when completed.

These changes are required because the Edge SWG utilizes HTTP URLs for the trust package. In the example below, we chose port 8080 for the Edge SWG to communicate with MC to download the Trust Package.

The steps involved are:

  • Download the trust package locally
  • Enable HTTP on the MC
  • Upload the file to MC
  • Change the URL for the trust package on the Edge SWG
  • Download the trust package on the Edge SWG
  • Disable HTTP on MC

Download the trust package locally

Download the trust package from http://appliance.bluecoat.com/sgos/trust_package.bctp

If clicking the link does not initiate the download, right-click the link and select "Save As" to download the file.
 
Place the file on a system where you can upload it to MC.

Enable HTTP on the MC

By default HTTP is disabled on MC:

Enable HTTP on MC:

Upload the file to MC

Add the file on MC:

 Get the hosted URL for the trust package by using the "Copy the URL" button on MC:

Change the URL for the trust package on the Edge SWG

Add the copied URL from MC to the trust package URL on the Edge SWG appliance:

Download the trust package on the Edge SWG

Download the trust package on the Edge SWG appliance and load the trust package:

The Edge SWG appliance will show the messages above for a successful download from MC.

If there is a more recent trust package on the device the Edge SWG will not download the package. This is not a problem.

Disable HTTP on MC

After hosting the trust package, disable HTTP on MC (if it was previously disabled) by executing the following commands via CLI:

 

> en
# configure terminal
(config) # security HTTP disable

 

Powered by Wolken Software