Cisco Cisco ASA 5506W-X with FirePOWER Services Technisches Handbuch
Specify the Nameof the Certificate. Select browse and upload the certificate from the local
machine or copy-paste the content of the certificate in the Certificate Data option. In order to
specify the private key of the certificate, either browse the key file or copy-paste the key in the
Key option.
machine or copy-paste the content of the certificate in the Certificate Data option. In order to
specify the private key of the certificate, either browse the key file or copy-paste the key in the
Key option.
If the key is encrypted, enable the check-box Encrypted and specify the password. Click OK to
save the certificate content, as shown in the image:
save the certificate content, as shown in the image:
Step 2. Configure the SSL Policy.
SSL policy defines the decryption action and identifies the traffic on which Decrypt-Resign method
of decryption is applied. Configure the multiple SSL rules based on your business requirement and
organization security policy.
of decryption is applied. Configure the multiple SSL rules based on your business requirement and
organization security policy.
In order to configure the SSL policy, navigate to Configure > ASA FirePOWER Configuration >
Policies > SSL and click Add Rule.
Policies > SSL and click Add Rule.
Name: Specify the name of the rule.
Action: Specify the action as Decrypt - Resign and choose the CA certificate from the drop-down
list which is configured in the previous step.
list which is configured in the previous step.
Define conditions in the rule to match traffic as t
To generate the events of SSL decryption, enable the loggingat logging option, as shown in the
image:
image: