Need to know PA which reasons it consider to put session in ssl decryption exclusion list?
one I know is client cert authentication and cert pinning.
also if ssl handshake does not complete will PA put connection in exclusion list?
Generally, there are 3 reasons why sites are put on the exclusion list
Apps that use client side certificates
Non RFC compliant applications
Servers using unsupported cryptographic settings
The above is updated during software or content updates.
If SSL handshake does not occur, that would not be a reason to put it into the exclusion list.
PA documentation shows cert pinning also.
I was talking to PA tech he told me if ssl handshake do not work then app is put into exclusion list.
It is hard to find the exact reason hopefully someone here chime in on this.
I believe I had answered your question....
According to PANW
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!