Default Handling Options for Undecryptable Traffic
| Type | Description | Default Action | Available Action |
|---|---|---|---|
| Compressed Session | The TLS/SSL session applies a data compression method. | Inherit default action | Do not decrypt, Block, Block with reset, Inherit default action |
| SSLv2 Session | The session is encrypted with SSL version 2. Note that traffic is decryptable if the ClientHello message is SSL 2.0, and the remainder of the transmitted traffic is SSL 3.0. | Inherit default action | Do not decrypt, Block, Block with reset, Inherit default action |
| Unknown Cipher Suite | The system does not recognize the cipher suite. | Inherit default action | Do not decrypt, Block, Block with reset, Inherit default action |
| Unsupported Cipher Suite | The system does not support decryption based on the detected cipher suite. | Inherit default action | Do not decrypt, Block, Block with reset, Inherit default action |
| Session not cached | The TLS/SSL session has session reuse enabled, the client and server reestablished the session with the session identifier, and the system did not cache that session identifier. | Inherit default action | Do not decrypt, Block, Block with reset, Inherit default action |
| Handshake Errors | An error occurred during TLS/SSL handshake negotiation. | Inherit default action | Do not decrypt, Block, Block with reset, Inherit default action |
| Decryption Errors | An error occurred during traffic decryption. | Block | Block, Block with Reset |

When you first create a decryption policy, logging connections that are handled by the default action is disabled by default. Because the logging settings for the default action also apply to undecryptable traffic handling, logging connections handled by the undecryptable traffic actions is disabled by default.
Note that if your browser uses certificate pinning to verify a server certificate, you cannot decrypt this traffic by re-signing the server certificate. For more information, see Decryption Rule Guidelines and Limitations.