SSL Forward Proxy – Certificate Error Graceful Failure
Technical Challenge Recently I needed to deploy the SSL Forward Proxy functionality on a BIG-IP so that I could inspect HTTPS traffic on the fly. The goal was to detect malicious traffic hidden ins...
Published Oct 22, 2015
Version 1.0Robert_Teller_7
Historic F5 Account
Joined November 11, 2011
Robert_Teller_7
Historic F5 Account
Joined November 11, 2011
Aurel
Nov 04, 2015Cirrus
Thank you for the update. I got everything now, if i'm not mistaken. This is a very interesting job.
A question : if the server cert is expired (trusted or not), then the client will have an untrusted error message, right ? It should be easy to update it with a relevant ssl client profile for an expired cert message to the client, but i don't know if browsers behaviour may block without warning, whereas still displaying warning with untrusted.