Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


SSL Forward Proxy Profile Main Page Fields


Use the SSL Forward Proxy Profile page to view and manage SSL proxy profile details. SSL proxy is enabled as an application service within a security policy. You specify the traffic that you want the SSL proxy enabled on as match criteria and then specify the SSL proxy profile to be applied to the traffic. You can filter and sort this information to get a better understanding of what you want to view. Table 1 describes the fields on this page.

Table 1: SSL Forward Proxy Profile Main Page Fields




Unique string of alphanumeric characters, colons, periods, dashes, and underscores; no spaces allowed; 63-character maximum.

Preferred Cipher

Ciphers are divided into three categories depending on their key strength. Strong ciphers are 168 bits or greater; medium ciphers are 128 bits or greater; and weak ciphers are 40 bits or greater. The default is custom, which allows you to configure your own cipher suite.

Custom Ciphers

Ciphers selected from each of the categories (Strong, Medium, Weak) to form a custom cipher suite.

Exempted Address

Addresses that are selected to bypass SSL forward proxy processing. This allows you to create allowlists and avoid the expense and complication of SSL encryption.

Server Authentication Failure

This option ignores errors encountered during the server certificate verification process (such as CA signature verification failure, self-signed certificates, and certificate expiry).

Session Resumption

This option enables or disables depending on whether you want session resumption (session caching mechanism).


Domain name to which the SSL forward proxy profile is associated. The IP addresses associated with domain names are dynamic and can change at any time.


Description for the SSL proxy profile; maximum length is 1024 characters.