Navigating Advance URL via Management Center SGAC throws 502 Certificate Error
search cancel

Navigating Advance URL via Management Center SGAC throws 502 Certificate Error

book

Article ID: 263433

calendar_today

Updated On:

Products

Management Center Management Center - VA ProxySG Software - SGOS ISG Proxy

Issue/Introduction

SGAC (SG Admin console) package installed and launched via  Management Center (MC) gives ability to manage EdgeSWG (ProxySG) UI.   The communication may happen via SSH and/or HTTPS where MC acting as a SSL client while EdgeSWG (ProxySG) acting as SSL server. 

As a SSL Server, it must provide a SSL certificate that are made use of while validating a server’s identity to the client.   

Incorrect certificate presented by EdgeSWG (ProxySG) may throw 502 Certificate Error

E.g.

Environment

Management Center 3.3.x and above

EdgeSwg (ProxySG) that supports SGACs.

 

Cause

A certificate where Enhanced Key Usage  with Client Authentication (1.3.6.1.5.5.7.3.2)  only is one of the known cause leading to 502, Certificate Error.

E.g

 

Resolution

 

When Extended Key Usage is used,  Server SSL Certificate must have Server Authentication defined.

Additional Information

Enhanced Key Usage that shows Server Authentication (1.3.6.1.5.5.7.3.1) and  Client Authentication (1.3.6.1.5.5.7.3.2)   is also acceptable.

Powered by Wolken Software