Cisco Cisco Web Security Appliance S670 Fehlerbehebungsanleitung

Contributed by Siddharth Rajpathak, Cisco TAC Engineer.
Aug 07, 2014

This document describes the problem encountered where Windows Live Messenger does not work when the
default action is set to Decrypt and authentication is disabled.

Authentication disabled
Default action for HTTPS traffic is configured to 'Decrypt' in 'Decryption policies'
Decryption for AVC traffic enabled

Windows Live Messenger login does not work.

If we are using a self signed or self generated certificate on the Cisco Web Security appliance (WSA), then
Windows Live Messenger would not trust this certificate. Hence when WSA decrypts the traffic using its
certificate, the messenger closes or resets the connection resulting in login/access failure.

Typically, Windows Live Messenger should trust the certificates installed in the Internet Explorer (IE)
certificate store.

Please install the certificate from WSA on the client machine and once installed, the Windows Live
Messenger should be able to connect.

Please use the following steps to install the certificate from the WSA on client machine

Under Security Services −−−> HTTPS Proxy −−−> Edit Settings, please download the certificate
from the WSA.

1. 

Rename the certificate extension from .pem to .txt.

2. 

Open the .txt file using an appliance like Notepad. Select all the contents in the .txt file.

3.