SSL Forward Proxy Profile Main Page Fields
Use the SSL Forward Proxy Profile page to view and manage SSL proxy profile details. SSL proxy is enabled as an application service within a security policy. You specify the traffic that you want the SSL proxy enabled on as match criteria and then specify the SSL proxy profile to be applied to the traffic. You can filter and sort this information to get a better understanding of what you want to view. Table 1 describes the fields on this page.
Field |
Description |
---|---|
Name |
Unique string of alphanumeric characters, colons, periods, dashes, and underscores; no spaces allowed; 63-character maximum. |
Preferred Cipher |
Ciphers are divided into three categories depending on their key strength. Strong ciphers are 168 bits or greater; medium ciphers are 128 bits or greater; and weak ciphers are 40 bits or greater. The default is custom, which allows you to configure your own cipher suite. |
Custom Ciphers |
Ciphers selected from each of the categories (Strong, Medium, Weak) to form a custom cipher suite. |
Exempted Address |
Addresses that are selected to bypass SSL forward proxy processing. This allows you to create allowlists and avoid the expense and complication of SSL encryption. |
Server Authentication Failure |
This option ignores errors encountered during the server certificate verification process (such as CA signature verification failure, self-signed certificates, and certificate expiry). |
Session Resumption |
This option enables or disables depending on whether you want session resumption (session caching mechanism). |
Domain |
Domain name to which the SSL forward proxy profile is associated. The IP addresses associated with domain names are dynamic and can change at any time. |
Description |
Description for the SSL proxy profile; maximum length is 1024 characters. |