UAG Certificate Validation

Sometime it may be desirable to disable certificate validation for the SSL protected back-end services published via UAG. You can do this by editing the following registry keys:

Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\WhaleCom\e-Gap\Von\URLFilter\Comm\SSL

right-click ValidateRwsCert, select Modify, and change the Value data to 0
right-click ValidateRwsCertCRL, select Modify, and change the Value data to 0
restart IIS

Please, note that disabling certificate validation process may not be an acceptable security practice in certain environments. For a complete list of UAG registry keys consult the following TechNet article. Also, there are different uses for certificates within UAG, to understand them better I strongly recommend reading through the following excellent blog post by Ben Ari.

Comments

Popular posts from this blog

Copilot Studio: Capabilities, Strategies, Scenarios 💡 Ready to Supercharge Your Team with AI? 🧠 A critical question for every leader: How do you transform the massive potential of AI into a practical, powerful, and cost-effective tool for your entire organization? 🤔 This guide explores various nuances of the AI adoption: 1️⃣ The Innovation Opportunity: The drive to deploy generative AI is reshaping the modern workplace, offering a monumental leap in productivity and creativity. This is the moment to empower your teams. 🚀 2️⃣ The Strategic Blueprint: Unlocking this potential requires a clear strategy. Navigating the licensing models for powerful tools like Microsoft Copilot Studio is the key to maximizing value and avoiding unexpected costs. 🗺 ️▶️ Our new interactive guide makes it simple. We break down the licensing paths, visualize the costs, and provide a clear, actionable roadmap for implementing a winning hybrid AI strategy. See how you can empower everyone, from citizen...

AI Agents as Trusted IoT/Software Defined Devices 🤖 Your Newest Endpoint Isn’t a Laptop; It’s an AI Agent. Are You Ready to Secure It? Dive into the next frontier of cybersecurity. Autonomous AI agents are no longer just code; they are powerful actors in our digital ecosystems. Treating them as simple software leaves a massive security gap. Our latest report introduces a new paradigm: The AI Agent as a Software-Defined Device. Discover the essential framework for securing the agentic future: ➡️ The Agent-as-Device Model: Learn why abstracting agents as software-defined devices, similar to IoT endpoints, is the key to managing their complexity and risk. Secure the “hardware” (host), “software” (agent logic), and “network” (communications). ➡️ A Digital Passport for AI: Move beyond static API keys. Explore how Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs) create a cryptographic root of trust, giving every agent a verifiable identity and provable permissions. ➡️...

AI Trends in DevSecOps 🤖 The AI Co-Developer Is Here: Is Your DevSecOps Ready? Dive into the symbiotic evolution of AI and DevSecOps. While AI coding assistants are accelerating development at an incredible pace, they’re also scaling security risks and introducing a new, complex attack surface. Discover the critical shifts redefining secure software development: ➡️ Secure the Foundation First: Learn why 99% of organizations have sensitive data exposed and how to tame the “blast radius” of GenAI tools before deployment by focusing on data security posture. ➡️ The Intelligent IDE: Move beyond just finding flaws. See how AI-generated fixes are revolutionizing secure coding by slashing remediation times and empowering developers to fix vulnerabilities in seconds. ➡️ The War on Noise: Understand how AI is finally solving the false positive problem in CI/CD pipelines, making fully automated security gates an operational reality. ➡️ Think Like the Adversary: Explore the rise of AI Red ...

Technocrat

Search This Blog