Palo Alto Networks Knowledgebase: How to Temporarily Disable SSL Decryption

How to Temporarily Disable SSL Decryption

3566
Created On 08/05/19 19:22 PM - Last Updated 08/05/19 19:48 PM
Resolution

Overview

This document describes how to temporarily disable SSL decryption without modifying your decryption policy. This may be useful for troubleshooting purpose.

 

Details

To temporarily disable SSL decryption, use the following command:

> set system setting ssl-decrypt skip-ssl-decrypt yes

 

Note: This command is immediate, it does not require a commit. Also, this state is not persistent and will not be maintained after a reboot.

 

To re-enable decryption, use the following command:

> set system setting ssl-decrypt skip-ssl-decrypt no

 

owner: nbilly



Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClZ6CAK&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments
Choose Language