Cisco Cisco Web Security Appliance S190 Guía Del Usuario
11-11
AsyncOS 9.0.1 for Cisco Web Security Appliances User Guide
Chapter 11 Create Decryption Policies to Control HTTPS Traffic
Routing HTTPS Traffic
Step 5
Submit and Commit Changes.
Look for the certificate you uploaded in the Custom Trusted Root Certificates list.
Removing Certificates from the Trusted List
Step 1
Select Security Services > HTTPS Proxy.
Step 2
Click Manage Trusted Root Certificates.
Step 3
Select the Override Trust checkbox corresponding to the certificate you wish to remove from the list.
Step 4
Submit and Commit Changes.
Routing HTTPS Traffic
The ability of AsyncOS to route HTTPS transactions based on information stored in client headers is
limited and is different for transparent and explicit HTTPS.
limited and is different for transparent and explicit HTTPS.
Troubleshooting Decryption/HTTPS/Certificates
•
•
•
•
Option
Description
Transparent
HTTPS
HTTPS
In the case of transparent HTTPS, AsyncOS does not have access to information
in the client headers. Therefore, AsyncOS cannot enforce routing policies that
rely on information in client headers.
in the client headers. Therefore, AsyncOS cannot enforce routing policies that
rely on information in client headers.
Explicit HTTPS
In the case of explicit HTTPS, AsyncOS has access to the following information
in client headers:
in client headers:
•
URL
•
Destination port number
Therefore, for explicit HTTPS transactions, it is possible to match a routing
policy based on URL or port number.
policy based on URL or port number.