Technical Documentation

Troubleshooting SSL Inspection

Problem

This topic lists a few areas to investigate if the IDP Series device hangs during HTTPS inspection or fails to inspect HTTPS traffic as expected.

Solution

Investigate the following issues:

  • If HTTPS traffic hangs in a laboratory environment, make sure your test traffic includes “background” traffic in addition to the HTTPS sessions. Background traffic can be as simple as a ping across the IDP Series device. In a production environment, this is not an issue.
  • If the IDP Series device fails to detect a specified HTTP anomaly, examine the security policy to make sure it includes at least one SSL attack object. We recommend SSL: SERVR-CERT-FAILS-VALIDATION or any Recommended SSL attack object.

Published: 2010-01-12