Lab Minutes Forum
Technical Discussion => Security => Topic started by: Pacerfan9 on May 14, 2016, 06:55:52 PM
-
I watched the ASA Firepower 6.0 SSL Decryption video and configured my lab following the first scenario with inbound decryption. I imported my Internal Certificate and configured the policy according to the video. However when I review the connection events my SSL traffic is not decrypted, the SSL status is Do Not Decrypt (Handshake Error). Any suggestions on how to troubleshoot and resolve this?
-
I assume the connection still works, just not being decryption by FP. Handshake failure can be a result of key length, or crypto suite mismatch between client and server. Would you be able to do packet capture to analyze SSL negotiation?