https://community.cisco.com/t5/network-security/ips-with-https-traffic/m-p/977312#M79596 <P>Hi,</P><P></P><P>Is there a way, if I have the private key for an SSL certificate , that I can load this into the ASA with an AIP SSM module and be able to see if there attacks over SSL to one of my web servers?</P><P></P><P>Thanks,</P><P></P><P>Brantley</P> Sun, 10 Mar 2019 11:10:27 GMT support 2019-03-10T11:10:27Z https://community.cisco.com/t5/network-security/ips-with-https-traffic/m-p/977312#M79596 <P>Hi,</P><P></P><P>Is there a way, if I have the private key for an SSL certificate , that I can load this into the ASA with an AIP SSM module and be able to see if there attacks over SSL to one of my web servers?</P><P></P><P>Thanks,</P><P></P><P>Brantley</P> Sun, 10 Mar 2019 11:10:27 GMT https://community.cisco.com/t5/network-security/ips-with-https-traffic/m-p/977312#M79596 support 2019-03-10T11:10:27Z https://community.cisco.com/t5/network-security/ips-with-https-traffic/m-p/977313#M79597 <HTML><HEAD></HEAD><BODY><P>The short answer is no. Obviously, HIDS is one option. If you really need network IPS (i.e. inline protection), I think your options are pretty limited if you actually want to load private keys on the device. Googling returns only a McAfee product, but there may be others. Breach.com has a product that does this but it's not inline and not ips.</P><P></P><P>You can possibly solve this architecturally by putting reverse proxies out in front of your web servers and having SSL terminate there.</P></BODY></HTML> Tue, 01 Jul 2008 21:00:53 GMT https://community.cisco.com/t5/network-security/ips-with-https-traffic/m-p/977313#M79597 mhellman 2008-07-01T21:00:53Z