SYSTEMS AND METHODS FOR POLICY DRIVEN FINE GRAIN VALIDATION OF SERVERS' SSL CERTIFICATE FOR CLIENTLESS SSLVPN ACCESS
First Claim
1. A method for validation of a secure socket layer (SSL) certificate of a server for clientless SSL virtual private network (VPN) access, the method comprising:
receiving, by a device intermediary between a client and at least one server, a first request from the client for a clientless SSL VPN connection to a first server;
determining, by the device using a preconfigured policy, that the first server in the first request meets a condition of the preconfigured policy; and
performing, by the device responsive to the determination, an action to validate a SSL certificate of the first server using one or more certificate authority (CA) certificate files of the device, the one or more CA certificate files specified by the preconfigured policy for the action.
Abstract
The present disclosure is directed towards systems and methods for validation of a secure socket layer (SSL) certificate of a server for clientless SSL virtual private network (VPN) access. An intermediary device can receive a first request from a client for a clientless SSL VPN connection to a first server. The intermediary device can determine, using a preconfigured policy, that the first server in the first request meets a condition of the preconfigured policy. The intermediary device 801 can perform, responsive to the determination, an action to validate a SSL certificate of the first server using one or more certificate authority (CA) certificate files available to the intermediary device. The one or more CA certificate files can be specified by the preconfigured policy for the action.
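The flow the abstract describes (match the requested server against a policy condition, then validate its certificate only against the CA files that policy names) can be illustrated with the following added example. It is not code from the patent or from any product implementing it; the glob-style host condition, first-match ordering, fail-closed behaviour for unmatched hosts, and all host names and file paths are assumptions made for the illustration.

```python
import ssl
from dataclasses import dataclass
from fnmatch import fnmatchcase
from typing import Optional, Sequence

@dataclass(frozen=True)
class CertPolicy:
    name: str
    host_pattern: str        # condition: glob matched against the backend host
    ca_files: Sequence[str]  # CA certificate files the validation action uses

# Constructed sample policies; host names and paths are placeholders.
# Order matters: the more specific pattern is listed before the broad one.
POLICIES = [
    CertPolicy("hr-apps", "*.hr.corp.example", ["/etc/vpn/ca/hr-internal-ca.pem"]),
    CertPolicy("partner", "portal.partner.example", ["/etc/vpn/ca/partner-ca.pem"]),
    CertPolicy("corp-default", "*.corp.example", ["/etc/vpn/ca/corp-root.pem"]),
]

def select_policy(host: str, policies=POLICIES) -> Optional[CertPolicy]:
    """Return the first policy whose condition the requested server meets."""
    host = host.rstrip(".").lower()  # normalise case and trailing dot
    for policy in policies:
        if fnmatchcase(host, policy.host_pattern):
            return policy
    return None

def build_context(policy: CertPolicy) -> ssl.SSLContext:
    """Trust only the CA files named by the policy; system roots are not loaded."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)  # CERT_REQUIRED, hostname check on
    for path in policy.ca_files:
        ctx.load_verify_locations(cafile=path)     # raises if the file is missing
    return ctx

def context_for(host: str, policies=POLICIES) -> ssl.SSLContext:
    """TLS context the intermediary would use for its connection to `host`."""
    policy = select_policy(host, policies)
    if policy is None:
        # Assumption of this sketch: no matching policy means no connection.
        raise LookupError(f"no certificate policy matches {host!r}")
    return build_context(policy)
```

Because each context starts from an empty trust store, a backend certificate issued by a CA outside its policy's list fails the handshake even if that CA is trusted for another backend.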
20 Claims
11. A system for validation of a secure socket layer (SSL) certificate of a server for clientless SSL virtual private network (VPN) access, the system comprising:
a device intermediary between a client and at least one server, the device configured to receive a first request from the client for a clientless SSL VPN connection to a first server; and
a policy engine executing on the device, the policy engine configured to:
determine, using a preconfigured policy, that the first server in the first request meets a condition of the preconfigured policy; and
performing, responsive to the determination, an action to validate a SSL certificate of the first server using one or more certificate authority (CA) certificate files of the device, the one or more CA certificate files specified by the preconfigured policy for the action.
Specification