Daily Archives: April 25, 2015


ca_issuer_error_ff

Deploy the Proxy certificate to browsers

When using MAN-IN-THE-MIDDLE ( SSL decryption ) you need to install the proxy certificate inside browsers. This is mandatory to force browser trust the proxy certificate in order to avoid certificate Warning in browsers. You need to import in browsers the certificate used by the proxy. Get the proxy certificate. […]


Why HTTPS filtering exclusions in SSL rules do not work when Proxy intercepts HTTPS connections transparently ?

If you using SSL rules¬† with remote Web server or domains objects,¬† the proxy did not understand your rule an decrypt SSL connections when using transparent mode. If your proxy is configured to transparently intercept and decrypt HTTPS connections, then HTTPS domain name exclusions cannot be used. The reason for […]


25-04-2015 16-55-32

Create an SSL certificate for the proxy

If you want to deal with HTTPS websites, you need first to create your certificate. The “Certificate Center” allows you to create your certificate and is able to store all certificates used by TLS/SSL services. For the proxy, is it mandatory to use a Valid Certificate from Offials certifiers ? […]


Youtube TCP/IP addresses list

Here it is networks of Youtube:   9.192.115.0/24 77.153.128.46 199.223.232.0/24 74.125.206.0/24 64.233.167.0/24 199.223.233.0/24 199.223.234.0/24 199.223.235.0/24 199.223.236.0/24 199.223.237.0/24 199.223.238.0/24 199.223.239.0/24 207.223.160.0/24 207.223.161.0/24 207.223.162.0/24 207.223.163.0/24 207.223.164.0/24 207.223.165.0/24 207.223.166.0/24 207.223.167.0/24 207.223.168.0/24 207.223.169.0/24 207.223.170.0/24 207.223.171.0/24 207.223.172.0/24 207.223.173.0/24 207.223.174.0/24 207.223.175.0/24 208.65.152.0/24 208.65.153.0/24 208.65.154.0/24 208.65.155.0/24 208.117.224.0/24 208.117.225.0/24 208.117.226.0/24 208.117.227.0/24 208.117.228.0/24 208.117.229.0/24 208.117.230.0/24 208.117.231.0/24 208.117.232.0/24 208.117.233.0/24 208.117.234.0/24 […]


25-04-2015 14-47-30

SSL rules and SSL SNI domains Proxy object

SSL Rules allows you to activate or not activate MAN-IN-THE-MIDDLE trough ACLs ( see how to enable SSL on your Proxy ) This is a dedicated section because you did not needs to include these rules inside the main Access Control list. The behavior is the same Access Control list […]


ca_issuer_error_ff

Artica Proxy and SSL

If you using the “3.5.x” Proxy engine version your can deal easily with the SSL protocol. 1) Understand that the SSL protocol cannot be break. When a browser request to be connected to the Web site using SSL, it start to create a “CONNECT” session. Inside this session, browser require […]