Cisco Bug: CSCvi01404 - ssl inspection policy may cause sites using ECDSA signed certificates to fail

Last Modified

Aug 15, 2019

Products (32)

Cisco Firepower Management Center
Cisco FirePOWER Appliance 8360
Cisco Firepower Management Center 2500
Cisco FirePOWER Appliance 7050
Cisco FirePOWER Appliance 8260
Cisco FirePOWER Appliance 8120
Cisco FirePOWER Appliance 8350
Cisco FirePOWER Appliance 8130
Cisco FirePOWER Appliance 8140
Cisco AMP 8150

View all products in Bug Search Tool Login Required

Known Affected Releases

6.1.0 6.2.0 6.2.2 6.2.3 6.3.0

Description (partial)

Symptom:
SSL_ERROR_DECRYPT_ERROR_ALERT shown in a browser.

Inspection of the server certificate shows a signature algorithm mentioning Elliptic Curve Digital Signature Algorithm (ECDSA).

Conditions:
Physical and virtual managed devices, ASA with Firepower Services devices, and physical and virtual Firepower Threat Defense devices with an SSL inspection policy configured to decrypt traffic.

View Bug Details in Bug Search Tool Login Required

Why Is Login Required?

Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

Full Description (including symptoms, conditions and workarounds)
Status
Severity
Known Fixed Releases
Related Community Discussions
Number of Related Support Cases

Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.

Learn More About Cisco Service Contracts