Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

About the SSL Initiation Profile Page

To access this page, select Shared Services > Objects > SSL Initiation Profile.

SSL initiation is a process where the SRX Series Firewall acts as an SSL proxy client, initiates the SSL sessions with an SSL server. The SRX Series Firewall receives cleartext from an HTTP client. It encrypts and transmits the data as ciphertext to the SSL server. On the reverse side, the SRX Series decrypts the ciphertext that it receives from the SSL server and sends the data to the client as cleartext.

The profile contains the settings for the SSL-initiated connections. The settings include the list of supported ciphers and their priority, the supported versions of SSL/TLS, and a few other options.

Benefits of SSL Proxy

  • Decrypts SSL traffic to obtain granular application information and enable you to apply advanced security services protection and detect threats.

  • Enforces the use of strong protocols and ciphers by the client and the server.

  • Provides visibility and protection against threats embedded in SSL encrypted traffic.

  • Controls what needs to be decrypted by using Selective SSL Proxy.

Tasks You Can Perform

  • Create an SSL initiation profile—See Create an SSL Initiation Profile.

  • Edit or delete an SSL initiation profile—See Edit and Delete an SSL Initiation Profile.

  • Filter rules—Click the filter icon (funnel), and specify one or more filtering criteria. The filtered results are displayed on the same page.

    Filter information based on select criteria. You can add filters, save the filters, and set any of the filters as default.

    To add a filter:

    1. Click the filter icon on the top-right corner of the page, and select Add Filter to open the Add Criteria page.

    2. Set the filter conditions, and click Add.

      The filter is saved and applied on the data.

    To remove the filter, click the filter icon, and select Hide Filter.

  • Search for SSL initiation profiles by using keywords. To search:

    1. Click the search icon in the top-right corner of the page.

    2. Enter partial text or full text of the keyword in the text box and press Enter.

      The search results are displayed on the same page.

Field Descriptions

Table 1 describes the field on the SSL Initiation Profile page.

Table 1: Fields on the SSL Initiation Profile Page

Field

Description

Name

Displays the SSL initiation profile name.

Flow Tracing

Displays whether flow tracing is enabled or disabled for troubleshooting policy related issues.

Protocol version

Displays the accepted protocol SSL version.

Cipher Strength

Displays the preferred cipher which the SSH server uses to perform encryption and decryption function.

SSL Session Cache

Displays whether SSL session cache is enabled or not.

Local Certificate

Displays the local certificate for SSL.

CA Certificate

Displays the certificate authority profile for SSL.