Virtual Router/ Firewall/ VPN

Reply
Regular Visitor
Posts: 1
Registered: ‎08-05-2015

Issue with "SSL Decryption" mapping

We're using the Stingray Traffic Manager Virtual Appliance 9.9, and we're having an issue with the SSL Decryption configuration. We have a number of different domain names and some wildcard certs. Here's a subset of that mapping:

Default certificate: gamma.com-wildcard
*.alpha.cc -> alpha.cc wildcard
*.alpha.com -> alpha.com wildcard
*.beta.gamma.com -> 2015-07-beta-wildcard
*.gamma.com -> gamma.com-wildcard
*.gamma.org -> gamma.org-wildcard

 

(names anonymised)


Recently our LBs have been serving the wrong cert for systems like toaster.beta.gamma.com - we expect the 2015-07-beta-wildcard cert to be presented with this configuration, but instead the gamma.com-wildcard cert is presented (and because wildcard certs are just one level deep, we get an SSL error from that).

Anyone have any ideas? The problem started when we installed newer certs for the *.beta.gamma.com, but switching back to the old cert didn't fix the mapping (we have tools that take automated backups of our config and save to github, so we have diffs of our changes in SteelApp.

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

vADC is now Pulse Secure
Download FREE NVMe eBook