Author Topic: Inbound SSL Decryption  (Read 7082 times)

Offline Pacerfan9

  • Cisco Newbie
  • Posts: 9
  • Reputation: 2
  • Certification: CCNP
Inbound SSL Decryption
« on: May 14, 2016, 06:55:52 PM »
I watched the ASA Firepower 6.0 SSL Decryption video and configured my lab following the first scenario with inbound decryption. I imported my Internal Certificate and configured the policy according to the video. However, when I review the connection events, my SSL traffic is not decrypted; the SSL status is Do Not Decrypt (Handshake Error). Any suggestions on how to troubleshoot and resolve this?

Offline MC

  • Global Moderator
  • Cisco Guru
  • Posts: 400
  • Reputation: 606
  • CCIE x3 (RS,Sec,SP)
  • Certification: CCIE
Re: Inbound SSL Decryption
« Reply #1 on: May 16, 2016, 09:57:43 PM »
I assume the connection still works, it is just not being decrypted by FP. Handshake failure can be a result of key length, or crypto suite mismatch between client and server. Would you be able to do a packet capture to analyze the SSL negotiation?
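
As an added example (not part of the thread or of any Cisco tooling), this sketch shows what to pull out of such a capture on the cipher-suite side: the suites the client offers, the one the server selects, and any plaintext alert. The function names and the sample bytes are constructed for illustration, and the input is assumed to be the reassembled TLS byte stream for each direction.

```python
import struct

# Subset of IANA cipher suite names, enough for the constructed sample below.
SUITES = {0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
          0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"}

def records(stream):
    """Yield (content_type, payload) for each TLS record in one direction."""
    pos = 0
    while pos + 5 <= len(stream):
        ctype, _version, length = struct.unpack_from("!BHH", stream, pos)
        yield ctype, stream[pos + 5:pos + 5 + length]
        pos += 5 + length

def hello_suites(payload):
    """Return (msg_type, suites) for a ClientHello (1) or ServerHello (2)."""
    msg_type = payload[0]
    if msg_type not in (1, 2) or len(payload) < 41:
        return msg_type, []
    pos = 4 + 2 + 32                      # handshake header, version, random
    pos += 1 + payload[pos]               # skip session id
    if msg_type == 2:                     # server picks exactly one suite
        return 2, list(struct.unpack_from("!H", payload, pos))
    (nbytes,) = struct.unpack_from("!H", payload, pos)
    return 1, list(struct.unpack_from("!%dH" % (nbytes // 2), payload, pos + 2))

def summarize(client_stream, server_stream):
    """Report offered suites, the selected suite, and any plaintext alert."""
    out = {"offered": [], "selected": None, "alert": None}
    for ctype, payload in [*records(client_stream), *records(server_stream)]:
        if ctype == 22 and payload:       # handshake record
            msg_type, suites = hello_suites(payload)
            if msg_type == 1:
                out["offered"] = [SUITES.get(s, hex(s)) for s in suites]
            elif msg_type == 2 and suites:
                out["selected"] = SUITES.get(suites[0], hex(suites[0]))
        elif ctype == 21 and len(payload) == 2:   # alert: level, description
            out["alert"] = payload[1]     # 40 is handshake_failure
    return out

def _record(ctype, body):                 # builds the constructed samples
    return struct.pack("!BHH", ctype, 0x0303, len(body)) + body
def _hello(msg_type, tail):
    body = b"\x03\x03" + bytes(32) + b"\x00" + tail
    return _record(22, bytes([msg_type]) + len(body).to_bytes(3, "big") + body)
# Constructed sample: client offers two suites, server selects the ECDHE one.
CLIENT = _hello(1, b"\x00\x04\xc0\x2f\x00\x2f\x01\x00")
SERVER = _hello(2, b"\xc0\x2f\x00")
FAILED = _record(21, b"\x02\x28")         # fatal handshake_failure alert
print(summarize(CLIENT, SERVER), summarize(CLIENT, FAILED))
```

Comparing the selected suite and any alert against what the decrypting device supports narrows the cause to the negotiation; the key-length side requires inspecting the server certificate, which this sketch does not parse.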

