How to verify SSL decryption in FirePOWER?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-15-2016 10:03 PM - edited 03-12-2019 06:04 AM
Hi Guys,
I am trying to inspect incoming SSL traffic in my FirePOWER as I have internal SSL web server.
Cert and Key are already imported through PKI object management and SSL policy is already created too. However, I am here a bit lost my way to find out the verification where my SSL policy to incoming SSL traffic is working properly or not.
Could you here tell me where and how to verify it? Thanks much.
With Love,
Si Thu
- Labels:
-
NGIPS

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-17-2016 04:43 AM
Hi
You can check the connection events. Enable the SSL filters in SSL policy to see which ssl rule the traffic is hitting and if its being encrypted or no.
Navigate to analysis> connection events>tables view of connection events.
Click on any filed cross sign and enable the SSl related fields as shows in screenshot.
Then you can either filter events based on connection events or see the traffic as it hits that.
Rate if helps.
Yogesh
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-17-2016 07:52 AM
Hi Yogdhanu,
Thanks much for your guide.
As for inspecting incoming SSL traffic for internal SSL web server, I have created internal cert (for
Could you please advise on my SSL whether it is correct particularly for incoming SSL traffic. Many thanks.
With Love,
Si Thu
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-18-2016 02:20 AM
Hi,
yes, that is correct settings for only internal web server traffic.
Thanks,
Ankita
