whitelist-url-categories
Syntax
whitelist-url-categories url-category-list;
Hierarchy Level
[edit services ssl proxy profile profile-name]
Description
Configure the predefined URL categories in SSL proxy profile to exempt from SSL inspection. The URL category identification is leveraged from the Web filtering categories obtained from the Content Security module.
Before you specify URL category list, you must create a web filtering profile with custom objects using custom URL category or use predefined list. Next apply the feature profile to the Content Security policy.
The following example uses a predefined profile, junos-wf-enhanced-default.
[edit]user@host# set security utm feature-profile web-filtering type juniper-enhanceduser@host# set security utm utm-policy policy-name web-filtering http-profile junos-wf-enhanced-default
Starting in Junos OS Release 17.4R1, you can use custom URL categories in SSL proxy profile.
Options
| url-category-list |
List of predefined or custom URL category. The limits for URL categories in SSL forward proxy and SSL reverse proxy configurations is 800. Note: In the reverse proxy configuration, ensure combined size of
server certificates and URL categories does not exceed 56,986 bytes. If the combined
size exceeds the limit, the following error message is displayed during commit:
ERROR: Maximum blob size (56986 bytes) exceeded...current blob size is 57014 bytes. 400 Server certs are taking 54400 bytes, and 27 URL categories are taking 1728 bytes. |
Required Privilege Level
services—To view this statement in the configuration.
services-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 15.1X49-D80.