Configure the modules for SSL scanning

You can configure the modules for SSL scanning to modify the way SSL-secured web traffic is processed.

The following modules are involved in SSL scanning and can be configured:

  • SSL Scanner module
  • SSL Client Context module
  • Certificate Chain module


  1. Select PolicyRule Sets.
  2. On the rule sets tree, find the rule set for SSL scanning.
    By default, this is the SSL Scanner rule set.
  3. Expand the rule set and select the nested rule set that contains the rule with the settings for the module you want to configure.
    For example, to configure the SSL Scanner module, expand the nested Handle CONNECT Call rule set. It contains by default the rule Enable certificate verification with the Default certificate verification settings for the SSL Scanner module.
    The rules of the nested rule set appear on the settings pane.
  4. Make sure Show details is selected.
  5. Find the rule with the settings for the module you want to configure.
    This could be, for example, the Enable certificate verification rule that was mentioned above.
  6. Within the rule, click a settings name.
    For example, in the rule event of Enable certificate verification, click Default certificate verification.
    The Edit Settings window opens. It provides the settings for a module, for example, the SSL Scanner module.
  7. Configure these settings as needed.
  8. Click OK to close the window.
  9. Click Save Changes.