Objects > Decryption Profile

Decryption profiles enable you to block and control specific aspects of the SSL forward proxy, SSL inbound inspection, and SSH traffic. After you create a decryption profile, you can then add that profile to a decryption policy; any traffic matched to the decryption policy will be enforced according to the profile settings.
You can also control the CAs that your firewall trusts. For more information, refer to ManageDefault Trusted Certificate Authorities.
A default decryption profile is configured on the firewall, and is automatically included in new decryption policies (you cannot modify the default decryption profile). Click
Add
to create a new decryption profile, or select an existing profile to
Clone
or modify it.
What are you looking for?
See:
Add a new decryption profile.
Enable port mirroring for decrypted traffic.
Block and control SSL decrypted traffic.
Block and control traffic that you have excluded from decryption (for example, traffic classified as health and medicine or financial services).
Block and control decrypted SSH traffic.

Related Documentation