Hello,
i was wondering, how NGFW manages inline SSL decryption. I am interested in handshake communication. Does anyone know how it works? When NGFW determines DN, URL to match decryption rules? When NGFW enters the communication and injects its certificate based on URL and based on L3/L4?
This is actually really important, because when i set decryption policy to decrypt all traffic, it works. But when i place before that rule another rule with DN or URL for decrytion bypass, than decrytion breaks on particular pages, like google.com. From system debug, i have many SSL handshake errors and i have no idea why.
Thank you
Best regards