ProxySG & Advanced Secure Gateway

Hi all,

I have to realize SSL decyphering on a ProxySG qppliqnce to insert a specific header.

My proxy is in explicite mode; traffic is well intercepted and the certificate shown to the user is the one i imported.

I wrote the folloing code in CPL to insert the header "toto", but it seems it is not inserted though the action SETHEADER is matched when i make a trace policy.

Would you have any idea?

<SSL-Intercept>
  url.domain=www.abc.com ssl.forward_proxy(https) ssl.forward_proxy.server_keyring("XXXXX")

<proxy>
 define condition MYCONDITION
  url.host=www.abc.com
 end condition MYCONDITION

 define action SETHEADER
  set(request.x_header.toto, "toto=wellset")
 end action SETHEADER
 
 condition=MYCONDITION action.SETHEADER(yes)

Hi Frank,

             This should work with a slight modification as below. (I have re-ordered them for simplicity and better performance)

define condition MYCONDITION
  url.host=www.abc.com
end condition MYCONDITION

define action SETHEADER
  set(request.x_header.toto, "wellset")
end action SETHEADER

 <proxy>
 condition=MYCONDITION action.SETHEADER(yes)

              Within the quotes, give only the value to set. You don't need to mention the custom header name again. Try with this and let us know.

Hi Aravind,

Thank you for all, it works fine now;

So to be complete with the SSL part, the good config is

<SSL-Intercept>

url.domain=www.abc.com ssl.forward_proxy(https) ssl.forward_proxy.server_keyring("XXXXX")
​
define condition MYCONDITION
  url.host=www.abc.com
end condition MYCONDITION

define action SETHEADER
  set(request.x_header.toto, "wellset")
end action SETHEADER

<proxy>
condition=MYCONDITION action.SETHEADER(yes)

Hi Frank,

             Good to hear that it worked :)