Showing results for 
Show  only  | Search instead for 
Did you mean: 

Who Me Too'd this topic

SSL Decryption: SHA1-Intermediate certificate gets decrypted, even if not allowed to

L1 Bithead

Hi paloalto community,


I tested my new ssl decryption rules against the badssl dashboard ( ).

So far it looks good. Unfortunately the check for sha1-intermediate doesn’t pass. Our PA-850 (Firmware 9.0.5) does create a secure connection to this site for the client ( ), even I configured to not support SHA1.


Here is my configuration:

2019-12-30 14_17_20-pa-1.png2019-12-30 14_17_08-pa-1.png2019-12-30 14_16_37-pa-1.png

Is there something I forgot to configure?


Thanks and best regards,


Who Me Too'd this topic