Cisco Cisco Web Security Appliance S170 Guia Do Utilizador
A-2
Cisco IronPort AsyncOS 7.7.5 for Web User Guide
Appendix A HTTPS Reference
Overview of HTTPS
3.
(Optional) Import custom root certificates. Optionally, you can import one or more custom root
certificates so the Web Proxy can recognize additional trusted root certificate authorities used by
HTTPS servers. For more information, see
certificates so the Web Proxy can recognize additional trusted root certificate authorities used by
HTTPS servers. For more information, see
Note
When the HTTPS Proxy is disabled, the Web Proxy passes through explicit HTTPS connections and it
drops transparently redirected HTTPS requests. The access logs contain the CONNECT requests for
explicit HTTPS connections, but no entries exist for dropped transparently redirected HTTPS requests.
drops transparently redirected HTTPS requests. The access logs contain the CONNECT requests for
explicit HTTPS connections, but no entries exist for dropped transparently redirected HTTPS requests.
This book uses many terms from digital cryptography. This book also includes sections with background
information about HTTPS and digital cryptography for reference only. For a list of the terms and
definitions used in this book, see
information about HTTPS and digital cryptography for reference only. For a list of the terms and
definitions used in this book, see
. For an overview of HTTPS the
protocol, see
.
Digital Cryptography Terms
To understand how encryption and decryption works, you need to understand a little bit about
cryptographic encoding techniques.
cryptographic encoding techniques.
Figure A-1
describes some terms used in cryptography that are
discussed in this chapter.
Table A-1
Cryptography Terms and Definitions
Term
Definition
Certificate authority
An entity which issues digital certificates for use by other parties.
Certificate authorities are sometimes referred to as trusted third parties.
Certificate authorities are typically commercial companies that charge for
their services. However, some institutions and governments have their own
certificate authorities, and some offer their services for free.
Certificate authorities are typically commercial companies that charge for
their services. However, some institutions and governments have their own
certificate authorities, and some offer their services for free.
Cipher
An algorithm used for encoding and decoding text to make it unreadable to
any system without the appropriate key.
any system without the appropriate key.
Ciphers work with keys to encode or decode text.
Ciphertext
Encoded text after a cipher has been applied to it.
Digital certificate
An electronic document that identifies and describes an organization that has
been verified and signed by a trusted organization called a certificate
authority.
been verified and signed by a trusted organization called a certificate
authority.
A digital certificate is similar in concept to an “identification card.” SSL uses
certificates to authenticate servers.
certificates to authenticate servers.
For more information about digital certificates, see
Digital signature
A checksum that verifies that a message was created by the stated author and
was not altered since its creation.
was not altered since its creation.
Key
A numeric parameter used by a cipher to encode or decode text.
Plaintext or cleartext
Message text in its original form, before it gets encoded by a cipher.