Hi,
I just configured the SSL proxy and applied to the right security policy.I have followed this link to configure SSL proxy
According to the juniper documentation, users' will get Server certification validation error and need to import/trust the certificate.
In my case, users are not getting any Server certification validation error though I can see traffic is matching the proxy as shown below
root@srx-240-h# run show services ssl proxy statistics
PIC:fwdd0 fpc[0] pic[0] ------
sessions matched 207
sessions whitelisted 0
sessions bypassed:non-ssl 0
sessions bypassed:mem overflow 0
sessions created 0
sessions ignored 0
sessions active 0
sessions dropped 0
This is my configuration excerpt:
[edit services ssl proxy]
root@srx-240-h# show
profile SSL_PRFL-1 {
enable-flow-tracing;
preferred-ciphers medium;
trusted-ca 21FEB_GRP;
root-ca 21FEB;
actions {
ignore-server-auth-failure;
log {
all;
sessions-allowed;
}
}
}
Can anyone explain me this strange behavior?
Thanks,
MYN