SSL Decryption
Traffic that has been encrypted using the protocols SSL and SSH can be decrypted to ensure that these protocols are being used for the intended purposes only, and not to conceal unwanted activity or malicious content.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

SSL Decryption

Traffic that has been encrypted using the protocols SSL and SSH can be decrypted to ensure that these protocols are being used for the intended purposes only, and not to conceal unwanted activity or malicious content.

Palo Alto Networks firewalls decrypt encrypted traffic by using keys to transform strings (passwords and shared secrets) from ciphertext to plaintext (decryption) and from plaintext back to ciphertext (re-encrypting traffic as it exits the device).

Discussions

Author Topic Views Replies
ABhanawala
06-18-2026

GlobalProtect 6.3.3-1016 Failed to Open File Mac M3 Pro (Apple Silicon) macOS Tahoe 26.5.1

There are issues connecting to my Employer's VPN using GlobalProtect 6.3.3-1016 application.Where as an older version which we have (v5.2.10-6) is wor... — Read more

posted in Next-Generation Firewall Discussions

897 2
DanielS.Romero
06-12-2026

[User-ID HUB Vsys] Solved Issue User-ID Behavior

Hello LiveCommunity Team! I created this post to share my experience regarding the User-ID Hub for multi-vsys environments involving some User-ID inco... — Read more

posted in General Topics

613 1
idelconsulting
06-11-2026

Global Protect Android client failing with certificate error after upgrading PAN-OS

Dear all, I have a strange error after I upgraded my firewall to PAN-OS 11.1.15 to fix a GP vulnerability. (18990)06/04 17:44:57:208734 - PanKeyM... — Read more

posted in GlobalProtect Discussions

1069 0
Adrian_Jensen
05-29-2026

SSL certificate has expired end date after PA decryption

Running into a weird problem with SSL decryption and a vendor's internet certificate that has broken after going through the PaloAlto. An external ven... — Read more

posted in General Topics

625 1
badermandhouj
05-21-2026

Multi-VSYS 11.2.8 - How to assign a dedicated Forward Trust Certificate per VSYS for SSL Decryption

Hi everyone,I’m running PAN-OS 11.2.8 with Multi-VSYS enabled (3 VSYS). I need a different Forward Trust Certificate per VSYS for SSL decryption, but ... — Read more

posted in Next-Generation Firewall Discussions

391 1

Blogs

Supercharge Your Web Security: Announcing PA-5450 Support for Web Proxy

11-18-2025 — We're excited to announce full Web Proxy support on the high-performance PA-5450 Next-Generation Firewall with PAN-OS 12.1.2 (Orion). This allows you to consolidate your security stack, leveraging the PA-5450’s power for full SSL decryption, Advan... — Read more

Labels: Advanced Threat Prevention App-ID Data Loss Prevention DLP Next-Generation Firewall NGFW Orion PA-5450 PAN-OS 12.1.2 Security Consolidation SSL Decryption User-ID Web Proxy
3822 by in Community Blogs

DOTW: What Are Cipher Suites?

01-06-2022 — Find out what are cipher suites and which ones are supported for the different features on your device in this Discussion of the Week. Find out what are cipher suites and which ones are supported for the different features on your device in this D... — Read more

Labels: Administration Decryption How to SSL SSL Decryption TLS
10733 3 by in Community Blogs

The Increasing Necessity for SSL Decryption

07-07-2021 — From performance abilities to new hardware, SSL Decryption capabilities have been greatly improved. — Read more

Labels: NGFW SSL Decryption
14681 6 by in Community Blogs

More on SSL Decryption

08-07-2020 — Read how SSL Decryption gives the ability to view inside of Secure HTTP traffic (SSL) as it passes through the Palo Alto Networks firewall. — Read more

Labels: NGFW Configuration PAN-OS SSL Decryption SSL Forward Proxy
28519 3 8 by in Community Blogs

HTTP/2 Inspection

07-09-2020 — Starting with PAN-OS 9.0.0, HTTP/2 inspection is supported on Palo Alto Networks firewalls. Learn more here! — Read more

Labels: Decryption HTTP NGFW Configuration PAN-OS PAN-OS 9.0 SSL Decryption
27793 2 9 by in Community Blogs

Articles

Tips & Tricks: SSL Forward Proxy

05-22-2023 — In today's digital world, where encryption is all around us, SSL decryption becomes a real superhero in the fight against hidden threats and bolstering network security. Luckily, Palo Alto Networks Next-Generation Firewall comes to the rescue with... — Read more

Labels: Network Security Next-Generation Firewall SSL Decryption
14638 4 2 by in General Articles

Nominated Discussion: URL Filtering in TLS v1.3

02-28-2023 — — Read more

Labels: Advanced URL Filtering NGFW NGFW Configuration SSL SSL Decryption TLS
12128 1 2 by in General Articles

Best Practices for SSL Decryption with Prisma Access

01-13-2022 — Understand how SSL Decryption with Prisma Access can increase your visibility into network traffic and reduce security threats — Read more

Labels: Best Practices Prisma Access SSL Decryption SSL Forward Proxy
14791 by in Prisma Access Webinars

SSL Decryption with Prisma Access

09-13-2021 — Gain visibility and control over network traffic through SSL Decryption with Prisma Access — Read more

Labels: Prisma Access SSL Decryption
10512 by in Prisma Access Webinars

Videos

Digital Learning Courses

Access Palo Alto Networks learning platform to gain free technical insights and educational materials across our full suite of products.

Please note: SSO login is necessary to access the content.