Detailed information about successful and unsuccessful
TLS handshakes provides visibility and makes decryption troubleshooting
easier.

Decryption Logs display
entries for unsuccessful TLS handshakes by default and can display
entries for successful TLS handshakes if you enable them in Decryption
policy. If you enable entries for successful handshakes, ensure
that you have the system resources (log space) for the logs.

Decryption logs include a vast amount of information to help
you troubleshoot and monitor decryption and then
resolve issues. There are 62 columns of different types of information
you can enable in the logs, and you can select any individual log
(the magnifying glass icon) and see the details in a single Detail view. You can view
certificate, cipher suite, and error information such as: subject
common name, issuer common name, root common name, root status, certificate
key type and size, certificate start and end date, certificate serial
number, certificate fingerprint, TLS version, key exchange algorithm,
encryption algorithm, negotiated EC curve, authentication algorithm,
SNI, proxy type, error information (cipher, HSM, resource, resume,
protocol, feature, certificate, version), and error indexes (codes
that you can look up to get more error information).