Statement introduced in Junos OS Release 12.1X44-D10. The protocol-version statement is updated to include tls11 and tls12 from Junos OS Release 15.1X49-D30.
Specify the configuration for Secure Socket Layer (SSL) termination support service.
Following types of SSL profiles are supported on SRX Series to secure connections based on the role of the SRX Series device:
SSL initiation: The SRX Series device, acting as an SSL proxy client, initiates and maintains SSL sessions between itself and an SSL server. SRX device receives unencrypted data from an HTTP client, and encrypts and transmits the data as ciphertext to the SSL server.
SSL termination: The SRX Series device, actings as an SSL proxy server, terminates the SSL session from the client and then establishing a new SSL connection to the server. The SRX Series device decrypts the data and then sends the data as un-encrypted request to the other servers (HTTP server).
The SSL proxy profile will be applied to the security policy as application services.
The remaining statements are explained separately. See CLI Explorer.
Required Privilege Level
services—To view this statement in the configuration.
services-control—To add this statement to the configuration.