i have ASA5555-X with firepower module
i use ASDM for manage ASA and use FMC(188.8.131.52) for manage FIREPOWER
(use inline mode for asa traffic to firepower)
i have a web server in DMZ
i config Decrypt-Known key method for outbound traffic that access to my webserver in DMZ
i add my webserver certificate and private key in PKI / INTERNAL CERTS in FMC
i create rule in ssl and so i call ssl policy in Access Control Policy
i think all configure is ok
but i can not see my website from outside
i check event log
reaseon =ssl block
ssl flow error = unsupported ec curve (0xb9001d57)
can anyone help me ?
Solved! Go to Solution.
Unfortunately, I do not understand what you mean
i have a one wildcard certificate for all subdomain
and i import these ( certificate and private key) in INTERNAL CERTS
and all websites are ok except exchange webpage
i dont have import ca certificate as a trusted certificate !!
Unfortunately , i have no information about import ca certificate as a trusted certificate