Guest

Preview Tool

Cisco Bug: CSCvh85246 - ssl inspection can be limited by a "do not decrypt" rule specifying one or more common names

Last Modified

Jan 02, 2019

Products (32)

  • Cisco Firepower Management Center
  • Cisco Firepower Management Center 2500
  • Cisco FirePOWER Appliance 8120
  • Cisco FirePOWER Appliance 7050
  • Cisco FirePOWER Appliance 8260
  • Cisco FirePOWER Appliance 8360
  • Cisco AMP 7150
  • Cisco FirePOWER Appliance 8130
  • Cisco FirePOWER Appliance 8140
  • Cisco AMP 8150
View all products in Bug Search Tool Login Required

Known Affected Releases

6.1.0 6.2.0 6.2.1 6.2.2 6.2.2.2 6.2.3

Description (partial)

Symptom:
SSL decryption failing to servers with unsupported ciphers.
Error UNSUPPORTED_EXTENSION (0xb0000152) can appear in the connection event.

Conditions:
Physical and virtual managed devices, ASA with FIREPOWER Services devices, and physical and virtual Firepower Threat Defense devices with an SSL policy.

SSL policy configured with a rule to decrypt traffic below a rule to not decrypt traffic specifying one or more common names.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.