This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
Accept
Reject
SSL Decryption
Traffic that has been encrypted using the protocols SSL and SSH can be decrypted to ensure that these protocols are being used for the intended purposes only, and not to conceal unwanted activity or malicious content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

SSL Decryption

Traffic that has been encrypted using the protocols SSL and SSH can be decrypted to ensure that these protocols are being used for the intended purposes only, and not to conceal unwanted activity or malicious content.

Palo Alto Networks firewalls decrypt encrypted traffic by using keys to transform strings (passwords and shared secrets) from ciphertext to plaintext (decryption) and from plaintext back to ciphertext (re-encrypting traffic as it exits the device).

Discussions

Need answers? Register or Sign-in to Engage, Share, and Learn.
Author Topic Views Replies
xiahba
xiahba
02-01-2023

The customer accesses a Website, HTTPS 443, and the traffic log finds that the application is identified as QUIC, not SSL

Have you encountered this phenomenon and how should you solve it?

posted in Next-Generation Firewall Discussions

93 1
sskannan
sskannan
02-01-2023

User insertion fail with keep alive header enable

Hi team, I have inbound ssl decryption enabled with User Insertion feature enabled too. It is working fine, however when I make a POST request from ...

posted in Next-Generation Firewall Discussions

67 0
CHOE-KyungJun
CHOE-KyungJun
01-30-2023

GlobalProtect certificate for IOS(apple)

Dear Team, I need a GlobalProtect certificate for IOS. The following error was confirmed in GP.log, and we solved the problem by installing it man...

1 posted in GlobalProtect Discussions

197 2
NathanFink
NathanFink
01-29-2023

Not recognizing standard ports like smtp. Instead showing as Not-Applicable and blocking

Having an issue with a PA-820 that isn't recognizing standard ports and instead flagging them as unknown and blocking them as Not-Applicable even th...

posted in General Topics

144 1
Jbergill1
Jbergill1
01-31-2023

Push to devices failed reason SSL handshake fail

Hello Team, recently we are unable to push config changes to devices from Panorama (version 10.1.6-h6), it fails with this error message: Panorama con...

posted in Next-Generation Firewall Discussions

199 3
Join now

Blogs

DOTW: What Are Cipher Suites?

01-06-2022 — Find out what are cipher suites and which ones are supported for the different features on your device in this Discussion of the Week. Find out what are cipher suites and which ones are supported for the different features on your device in this D...

Labels: administration Decryption How to SSL SSL Decryption tls
1656 3 by in Blogs

The Increasing Necessity for SSL Decryption

07-07-2021 — From performance abilities to new hardware, SSL Decryption capabilities have been greatly improved.

Labels: NGFW SSL Decryption
2555 5 by in Blogs

More on SSL Decryption

08-07-2020 — Read how SSL Decryption gives the ability to view inside of Secure HTTP traffic (SSL) as it passes through the Palo Alto Networks firewall.

Labels: NGFW Configuration PAN-OS SSL Decryption SSL Forward Proxy
10981 3 7 by in Blogs

HTTP/2 Inspection

07-09-2020 — Starting with PAN-OS 9.0.0, HTTP/2 inspection is supported on Palo Alto Networks firewalls. Learn more here!

Labels: Decryption HTTP NGFW Configuration PAN-OS PAN-OS 9.0 SSL Decryption
7869 1 6 by in Blogs

AddTrust External CA Root Expired

06-05-2020 — AddTrust External CA Root expired on 30th of May, 2020. Find out how this can impact your traffic and how to fix this!

Labels: certificate Decryption SSL Decryption
4496 2 2 by in Blogs

View All

Articles

Best Practices for SSL Decryption with Prisma Access

01-13-2022 — Understand how SSL Decryption with Prisma Access can increase your visibility into network traffic and reduce security threats

Labels: Best Practices Prisma Access SSL Decryption SSL Forward Proxy
2443 by in Prisma Access Webinars

SSL Decryption with Prisma Access

09-13-2021 — Gain visibility and control over network traffic through SSL Decryption with Prisma Access

Labels: Prisma Access SSL Decryption
1920 by in Prisma Access Webinars

Keeping Configuration Aligned to Best Practices

03-31-2021 — Configuration changes are always necessary in a network, whether they are for adding new applications, allowing access to users or to create exceptions in security profiles. Prisma Access Cloud Management provides the ability for administrators to...

Labels: Prisma Access Cloud Management SSL Decryption
1627 by in Prisma Access Cloud Management Articles

View All

Videos

Digital Learning Courses

Visit Palo Alto Networks' learning platform, Beacon, for free technical knowledge and educational resources related to all of our products.

Please note: You need to be logged into SSO in order to view this content.

LEGAL NOTICES
RESOURCES
Copyright 2007 - 2023 - Palo Alto Networks