How to Temporarily Disable SSL Decryption

How to Temporarily Disable SSL Decryption

28410
Created On 09/25/18 19:30 PM - Last Modified 06/08/23 02:41 AM


Resolution


Overview

This document describes how to temporarily disable SSL decryption without modifying your decryption policy. This may be useful for troubleshooting purpose.

 

Details

To temporarily disable SSL decryption, use the following command:

> set system setting ssl-decrypt skip-ssl-decrypt yes

 

Note: This command is immediate, it does not require a commit. Also, this state is not persistent and will not be maintained after a reboot.

 

To re-enable decryption, use the following command:

> set system setting ssl-decrypt skip-ssl-decrypt no

 

owner: nbilly



Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClZ6CAK&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language