When adding server-to-certificate pairs, a cleartext option is available. This option indicates that the portion of the TCP connection between the SonicWALL firewall appliance and the local server is in the clear without the SSL layer, thus allowing SSL processing to be offloaded from the server by the appliance.Note that in order for such configuration to work properly, a NAT policy needs to be created on the Network > NAT Policies page to map traffic destined for the offload server from an SSL port to a non-SSL port. For example, in case of HTTPS traffic being used with SSL offloading, an inbound NAT policy remapping traffic from port 443 to port 80 needs to be created in order for things to work properly.