Cisco Bug: CSCvi01404 - ssl inspection policy may cause sites using ECDSA signed certificates to fail
Last Modified
Oct 18, 2019
Products (35)
- Cisco Firepower Management Center
- Cisco Firepower Management Center 4600
- Cisco FirePOWER Appliance 8360
- Cisco FirePOWER Appliance 8120
- Cisco FirePOWER Appliance 8260
- Cisco Firepower Management Center 2500
- Cisco FirePOWER Appliance 7050
- Cisco FirePOWER Appliance 8140
- Cisco FirePOWER Appliance 8130
- Cisco AMP 7150

Known Affected Releases
6.1.0 6.2.0 6.2.2 6.2.3 6.3.0
Description (partial)
Symptom: SSL_ERROR_DECRYPT_ERROR_ALERT shown in a browser. Inspection of the server certificate shows a signature algorithm mentioning Elliptic Curve Digital Signature Algorithm (ECDSA). Conditions: Physical and virtual managed devices, ASA with Firepower Services devices, and physical and virtual Firepower Threat Defense devices with an SSL inspection policy configured to decrypt traffic.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Status
- Severity
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases