SummaryWhen using SSL Acceleration, it's possible that an application belonging to a certificate is considered 'disabled' in the Exinda appliance.
OverviewWhen looking at the SSL Acceleration status (Configuration > System > Optimization, the 'SSL' tab), it is possible to see either local or remote SSL Application Servers (AKA other Exinda devices that have SSL acceleration enabled) that have a status of 'disabled', complete with a red X beside them. This means that there is something wrong with the application due to the certificate that is needed to make the acceleration work.
CauseDue to the nature of SSL and how the Exinda appliances do acceleration, it's necessary to have a certificate installed on the Exinda that can decrypt and re-encrypt the traffic after acceleration. If there is something wrong with the certificate, the remote application will appear as 'disabled'.
The causes can be one of the following:
- The certificate's validity period has expired
- The certificate's validity period has not started
- The certificate has been revoked by a third party
- The certificate's subject name does not match
- Checking 'Cert Revocation' during the application process, and the defined Online Certificate Status Protocol (OCSP) server is offline