UAG Certificate Validation


Sometime it may be desirable to disable certificate validation for the SSL protected back-end services published via UAG. You can do this by editing the following registry keys:
  • Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\e-Gap\Von\URLFilter\Comm\SSL
    • right-click ValidateRwsCert, select Modify, and change the Value data to 0
    • right-click ValidateRwsCertCRL, select Modify, and change the Value data to 0
    • restart IIS
Please, note that disabling certificate validation process may not be an acceptable security practice in certain environments. For a complete list of UAG registry keys consult the following TechNet article. Also, there are different uses for certificates within UAG, to understand them better I strongly recommend reading through the following excellent blog post by Ben Ari.

Comments

Popular posts from this blog

PoSh Disable and Move AD Users

Skype for Business and VTC Interoperability

Mail-enabled security groups in Office 365