Policy Configuration : Configuring Client SSL
Configuring Client SSL
The Client DPI-SSL deployment scenario typically is used to inspect HTTPS traffic when clients on the LAN browse content located on the WAN. In the Client DPI-SSL scenario, the SonicWALL firewall appliance typically does not own the certificates and private keys for the content it is inspecting. After the appliance completes a DPI-SSL inspection, it rewrites the certificate sent by the remote server and signs this newly generated certificate with the certificate specified in the Client DPI-SSL configuration. By default, this is the SonicWALL certificate authority (CA) certificate, or a different certificate can be specified. Users should be instructed to add the certificate to their browser’s trusted list to avoid certificate trust errors.
The following sections describe how to configure Client DPI-SSL:
Configuring General Client DPI-SSL Settings
Configuring the Inclusion/Exclusion List
Adding Trust to the Browser
Content Filtering