ProxySG appliance SSL Proxy certificate cache
search cancel

ProxySG appliance SSL Proxy certificate cache

book

Article ID: 167460

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

If SSL Interception is not enabled, the ProxySG does not cache server certificates.  

If SSL Interception is enabled, the ProxySG caches the server certificate for two hours (default) from last use.

 

Resolution

The ProxySG appliance caches certificates to reduce the number of connections to the OCS. Since the ProxySG now has visibility to the certificates it can serve it directly from cache.

Another reason for caching certificates is to optimize SSL interception; the ProxySG uses the current cached certificate, without the need to do the SSL handshake again.

The ProxySG appliance stores its SSL certificate cache in memory. Therefore, whenever the appliance restarts, the cache is cleared.

To see the contents of the SSL certificate cache see Where to find the SSL Proxy certificate cache?.

To delete the SSL certificate cache see Delete the SSL certificate cache without rebooting the ProxySG appliance.