Configure Symantec Blue Coat ProxySG SSL

Enabling Blue Coat To Intercept SSL traffic

By default SSL (HTTPS) connections are not intercepted by Blue Coat and therefore data in them are not scanned by the MetaDefender ICAP Server. If you would like to scan files which were sent using secure connection, then you can optionally configure Blue Coat to decrypt SSL connections.

How To Configure

Please refer to Blue Coat documentation.

Limitations

How to overcome certificate issues

  1. When creating a keyring and certificate explained in the Blue Coat documentation please give attention to that the Common name "must match the ProxySG name or IP address that the client expects"

  2. After the keyring and the certificate is ready go to Statics → Advanced → SSL → Download a ProxySG Certificate as a CA certificate in ProxySG Management Console

  3. Select the previously created certificate and download/install it to the browser in use

  4. This certificate should be set under Proxy Settings → SSL Proxy and under the SSLInterception which was created during configuring SSL interception