How to View Decrypted Traffic

How to View Decrypted Traffic

Created On 09/25/18 19:43 PM - Last Modified 02/08/19 00:01 AM


This article will describe multiple ways to confirm whether traffic has been decrypted or not.



To confirm decrypt on the CLI, use the following command:

> show session all filter ssl-decrypt yes


Decrypted sessions will have an * (asterisk) associated with them. Viewing the session ID will mark application 'app-name (proxy)', confirming that session is decrypted.



To confirm that the traffic is decrypted inside the WebGUI > Monitor > Logs > Traffic.  Click the magnifying glass icon in the traffic log entries to confirm that the connections were decrypted.


2017-11-08_decrypted2.jpgYou will see the "Decrypted " checkbox checked when the traffic is decrypted. 


Another way to validate the decrypted session is by enabling the column "Decrypted" as below Traffic logs . This can be done by clicking on the arrow down next to any column title and selecting the Columns > Decrypted.


2017-11-08_decrypted3.jpgTraffic logs after enabling the Decrypted column.


See also

SSL decryption resource list

The SSL decryption resource list has a long list of articles only dealing with SSL decryption. 


owner: bryan

  • Print
  • Copy Link

Choose Language