In order to build your ACL rules, you need perhaps to know which domains to add in your ACL. You have just to add the SSL SNI domains object in the SSL rules (without doing nothing). An SSL SNI domains object is able to write events into the SSL statistics […]
When using MAN-IN-THE-MIDDLE ( SSL decryption ) you need to install the proxy certificate inside browsers. This is mandatory to force browser trust the proxy certificate in order to avoid certificate Warning in browsers. You need to import in browsers the certificate used by the proxy. Get the proxy certificate. […]
If you using SSL rules with remote Web server or domains objects, the proxy did not understand your rule an decrypt SSL connections when using transparent mode. If your proxy is configured to transparently intercept and decrypt HTTPS connections, then HTTPS domain name exclusions cannot be used. The reason for […]
If you want to deal with HTTPS websites, you need first to create your certificate. The “Certificate Center” allows you to create your certificate and is able to store all certificates used by TLS/SSL services. For the proxy, is it mandatory to use a Valid Certificate from Offials certifiers ? […]
Here it is networks of Youtube: 9.192.115.0/24 77.153.128.46 199.223.232.0/24 74.125.206.0/24 64.233.167.0/24 199.223.233.0/24 199.223.234.0/24 199.223.235.0/24 199.223.236.0/24 199.223.237.0/24 199.223.238.0/24 199.223.239.0/24 207.223.160.0/24 207.223.161.0/24 207.223.162.0/24 207.223.163.0/24 207.223.164.0/24 207.223.165.0/24 207.223.166.0/24 207.223.167.0/24 207.223.168.0/24 207.223.169.0/24 207.223.170.0/24 207.223.171.0/24 207.223.172.0/24 207.223.173.0/24 207.223.174.0/24 207.223.175.0/24 208.65.152.0/24 208.65.153.0/24 208.65.154.0/24 208.65.155.0/24 208.117.224.0/24 208.117.225.0/24 208.117.226.0/24 208.117.227.0/24 208.117.228.0/24 208.117.229.0/24 208.117.230.0/24 208.117.231.0/24 208.117.232.0/24 208.117.233.0/24 208.117.234.0/24 […]
SSL Rules allows you to activate or not activate MAN-IN-THE-MIDDLE trough ACLs ( see how to enable SSL on your Proxy ) This is a dedicated section because you did not needs to include these rules inside the main Access Control list. The behavior is the same Access Control list […]
By default, the SSL is not managed by the proxy this means ( see first : Artica Proxy and SSL ) In connected mode ( set proxy in browsers ): The proxy will only pass the connection to the target We server. In Transparent mode: The 443 destination port is […]
If you using the “3.5.x” Proxy engine version your can deal easily with the SSL protocol. 1) Understand that the SSL protocol cannot be break. When a browser request to be connected to the Web site using SSL, it start to create a “CONNECT” session. Inside this session, browser require […]
