VPM Action object “Set Server Certificate Validation CCL” created under SSL Access Layer using Web VPM/Management Center is not visible with Legacy VPM

book

Article ID: 237307

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

Setting a "Server Certificate Validation CCL" action object under SSL Access Layer allows admin to configure the CA Certificate List (CCL) to use for a specific IP address or hostname. The selected CCL will be used to trust the OCS certificate. When this object is not used, the default server certificate validation CCL is applied.

The action object “Set Server Certificate Validation CCL” can be created either using Legacy VPM or Web VPM/Management Center. If the object is created using Web VPM/Management Center then the object is not visible under Legacy VPM. You will see action object as None.

Action object "ServerCertificateValidationCCL2 " of type "Set Server Certificate Validation CCL" created using VPM:

After the policy installation, If you use Legacy VPM to view the policy:

 

You can see the Action object is showing as “None”.

Caution: If you see this issue, then don't use Legacy VPM to make any change . As the policy installation from legacy vpm will override the action object to None for web VPM also.

Resolution

Use Web VPM only for policy management.

Attachments