Symantec Access Management

 View Only
  • 1.  SSL Bridging and CA Access gateway/SPS

    Posted Jul 26, 2017 06:16 PM

    We are using CA Access Gateway/SPS with NetScaler as the load balancer. When we set up SSL on the SPS and try to access the HTTPS endpoint via the NetScaler load balanced URL, we are not having success unless we enable SSL bridging/pass-through on NetScaler. One of the errors we received without SSL Bridging enabled is below:


    "Your browser sent a request that this server could not understand. Reason: You're speaking plain HTTP to an SSL-enabled server port. Instead use the HTTPS scheme to access this URL."

    The above message was received while we were using HTTPS in the browser.


    Accessing the HTTPS endpoint and bypassing NetScaler (via host entries) works fine.


    Has anyone faced this issue before? Is there anyway to get this to work without SSL bridging?


    SPS version: 12.52 SP1 CR04





  • 2.  Re: SSL Bridging and CA Access gateway/SPS

    Broadcom Employee
    Posted Jul 27, 2017 03:43 AM

    Hello Jaime,


    There are known issues with SSL where you have a load balancer between the client and SPS in versions prior to 12.6

    SPS behind SSL accelerator is fully supported in 12.6 and 12.7:


    SSL accelerator support—CA Access Gateway can now support environments where outward–facing load balancers support SSL acceleration.