Backup and restore of Management center's SSL configuration

Article ID: 271802


Updated On:

Products

Management Center
Management Center - VA

Issue/Introduction

1. What SSL-related configuration is available under the Management Center OS?

2. How to verify the SSL-related configuration of Management Center after a backup/restore of the full configuration.

Resolution

The following steps can be used to verify Management Center's SSL-related configuration after a backup and restore.

1. Verify all SSL context profiles and their associated settings with the following CLI/SSH commands

localhost# configure terminal
localhost(config)# ssl
localhost(config-ssl)# view ssl-context

This command displays all SSL context profiles available within Management Center and their associated settings, such as the CCL (CA certificate list), keyring, TLS version and cipher suites. Note that the SSL context profiles bluecoat-licensing, bluecoat-remote-access and bluecoat-services are read-only. A backup and restore of the configuration does not change these profiles. All other SSL context profiles are modifiable and can be restored from the backup.

2. Verify all CCLs (CA certificate lists) with the following CLI/SSH commands

localhost# configure terminal
localhost(config)# ssl
localhost(config-ssl)# view ccl

The above command displays each CA certificate list name and its associated CA certificates. Note that the CCLs bluecoat-appliance, bluecoat-image-validation, bluecoat-isolation, bluecoat-licensing and bluecoat-services are read-only. No changes will be observed in these CCLs after a backup and restore. All other CCLs are modifiable and can be restored from the backup file.

3. Verify the trust-package settings with the following CLI/SSH command

localhost# show running-config ssl
ssl
 trust-package
  auto-update enabled
  update-interval 7
  url             https://appliance.bluecoat.com/sgos/trust_package.bctp
 !
 edit ccl bluecoat-appliance
 !
 edit ccl bluecoat-image-validation
 !
 edit ccl bluecoat-isolation
 !
 edit ccl bluecoat-licensing
 !
 edit ccl bluecoat-services
 !
 edit ccl browser-trusted
 !
 edit ccl client-authentication
 !
 edit ccl management-center
 !
!
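
The comparison in step 3 can be scripted. The following is an added example, not part of the original article or the vendor's tooling: it parses two saved text captures of "show running-config ssl" (one taken before the backup, one after the restore) and reports changed trust-package settings and CCL names, marking the read-only CCLs listed in step 2. The function names and the sample captures are assumptions made for illustration; this output lists only CCL names, so certificate contents still need "view ccl".

```python
# Added example (not vendor code): diff two saved captures of "show running-config ssl".
READ_ONLY_CCLS = {"bluecoat-appliance", "bluecoat-image-validation",
                  "bluecoat-isolation", "bluecoat-licensing", "bluecoat-services"}

def parse_ssl_config(text):
    """Return the trust-package settings and CCL names found in a capture."""
    trust, ccls, in_trust = {}, set(), False
    for raw in text.splitlines():
        line = raw.strip()
        if line in ("trust-package", "!"):
            in_trust = line == "trust-package"   # "!" closes the current block
        elif line.startswith("edit ccl "):
            ccls.add(line.split()[2])
        elif in_trust and line:
            key, _, value = line.partition(" ")
            trust[key] = value.strip()
    return trust, ccls

def compare(before_text, after_text):
    """List differences between the pre-backup and post-restore captures."""
    (t_old, c_old), (t_new, c_new) = parse_ssl_config(before_text), parse_ssl_config(after_text)
    findings = []
    for key in sorted(set(t_old) | set(t_new)):
        if t_old.get(key) != t_new.get(key):
            findings.append(f"trust-package {key}: {t_old.get(key)} -> {t_new.get(key)}")
    for name in sorted(c_old ^ c_new):
        where = "before backup" if name in c_old else "after restore"
        kind = "read-only" if name in READ_ONLY_CCLS else "modifiable"
        findings.append(f"{kind} CCL {name} only present {where}")
    return findings

# Constructed samples in the format shown above; AFTER changes the interval and drops one CCL.
BEFORE = """ssl
 trust-package
  auto-update enabled
  update-interval 7
  url             https://appliance.bluecoat.com/sgos/trust_package.bctp
 !
 edit ccl bluecoat-services
 !
 edit ccl management-center
 !
!
"""
AFTER = BEFORE.replace("update-interval 7", "update-interval 30").replace(
    " edit ccl management-center\n !\n", "")

if __name__ == "__main__":
    print("\n".join(compare(BEFORE, AFTER)) or "no differences")
```

A finding on a read-only CCL is unexpected, since the article states that a restore does not change those lists.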

 

Additional Information

If the Management Center OS is running an older version, or was upgraded from an older OS such as 2.2.x to 3.3.x, "show running-config ssl" displays additional information, namely the SSL context profile names, like below

If you are using a newly deployed Management Center with OS 3.3.x, use the following CLI/SSH commands to verify the SSL context profiles

localhost# configure terminal
localhost(config)# ssl
localhost(config-ssl)# view ssl-context 

More information on what is included in Management Center's backup and restore process can be found here