Configure the Modules for HTTPS Scanning

Last updated
Save as PDF

You can configure settings for the modules (engines) that are involved in HTTPS scanning to modify the way SSL-secured web traffic is processed.

The modules for HTTPS scanning include:

SSL Scanner module
SSL Client Certificate Handling module
SSL Client Context with CA module
Certificate Chain module
SSL Client Context without CA module

There are several ways of accessing the settings for these modules on the user interface.

Access the settings for the HTTPS scanning modules that you want configure in one of the following ways:
- Select Policy | Settings. Then select the settings you want to configure on the Engines branch of the settings tree.the settings tree
  On this branch, the settings appear below their modules (engines), which are arranged in alphabetical order. For example, the Default CA settings for the SSL Client Context with CA module appear below this module.
- Select Policy | Rule sets. Then select a rule set on the rule sets tree with rules that use the HTTPS scanning modules to process web traffic.
  For example, the HTTPS Scanning rule set uses the SSL Client Context with CA module to set a client context for HTTPS scanning. You can access the settings for this module in both views that are provided for a rule set.
  - Key elements view (this is the view that you see first after selecting a rule set)
    In this view, the SSL Client Context with CA option allows you to edit the settings for this module.
  - Complete rules view (this is the view that you see after clicking Unlock View in the former view)
    In this view, you can access the Set Client Context rule, which uses the SSL Client Context with CA to processweb traffic. The rule displays the Default CA settings, which allows you to access and configure them. The rule is included in the Handle Connect Call rule set, which is embedded in the HTTPS Scanning rule set.
Configure any of these settings as needed.
Click Save Changes.