cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Who Me Too'd this topic

SSL Decryption: SHA1-Intermediate certificate gets decrypted, even if not allowed to

L1 Bithead

Hi paloalto community,

 

I tested my new ssl decryption rules against the badssl dashboard ( https://badssl.com/dashboard/ ).

So far it looks good. Unfortunately the check for sha1-intermediate doesn’t pass. Our PA-850 (Firmware 9.0.5) does create a secure connection to this site for the client ( https://sha1-intermediate.badssl.com/ ), even I configured to not support SHA1.

 

Here is my configuration:

2019-12-30 14_17_20-pa-1.png2019-12-30 14_17_08-pa-1.png2019-12-30 14_16_37-pa-1.png

Is there something I forgot to configure?

 

Thanks and best regards,

Markus

Who Me Too'd this topic