Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

DeepSight GIN Data via Proxy

Created: 30 Jan 2013 • Updated: 30 Jan 2013 | 6 comments

We have an issue connecting via the corporate Bluecoat proxy to get GIN data downloads. It worked fine with a previous proxy, but remapping to this newer installation it is now broken. There is an article, but it refers to ISA and not Bluecoat, and the Proxy support team have been unable to resolve it.

There is a java error message:

Error = "javax.net.SSLProtocolException: Server returned wrong cipher suite for session"

Documented here for ISA

http://www.symantec.com/business/support/index?page=content&id=TECH191167

Any ideas ??

Comments 6 CommentsJump to latest comment

olaf's picture

Is the Bluecoat proxy doing SSL inspection?

You might have to turn it off for the deepsight URL.

Laurent_c's picture

Hi,

the issue here, is that it is a HTTPS connection that is establish and some proxy in the middle sometime "temper" the packet. like the ISA HTTPS packet inspection.

I am not familier with BlueCoat but maybe they could make some exclusions to avoid specific url to be scanned ?

Laurent

mathell's picture

Another option is to have Symantec tell you which keystore is being used by the java/GIN then import the Bluecoat CA certificate using keytool.exe.

P4Amdik19's picture

Hi,

Check that CA Certificate .that certificate might be expired

Thanks & Regards

Pratik Mahadik

Shahnawaz K's picture

Bypass the SSL inspection and whitelist the deepsight URL and check.

VSK's picture

What is the type of authentication used by your proxy?? Is it a NTLM auth or Basic??If its NTLM...use Basic Auth.

-VSK