Proxy SG is using SNI to communicate with the upstream server when CONNECT URL and SNI differs

search cancel

Proxy SG is using SNI to communicate with the upstream server when CONNECT URL and SNI differs

book

Article ID: 424692

calendar_today

Updated On:

Products

ISG Proxy ProxySG Software - SGOS

Issue/Introduction

Starting from 7.4.13.1, proxy Proxy SG is using SNI to communicate with the upstream server when CONNECT URL and SNI differs. On the previous versions Proxy SG is using host from the CONNECT request.

Resolution

To revert the behavior, use the cli commands below.

conf t

ssl

proxy prefer-sni-as-upstream-host disable

Feedback

thumb_up Yes

thumb_down No