Selecting the default action for SSL connections

3 July 2024

ID 186341

The default action is applied if an SSL connection containing a CONNECT request does not meet the conditions of any SSL rule.

To select the default action to take on SSL connections:

  1. In the application web interface, select the SettingsBuilt-in proxy serverSSL section.
  2. Select one of the following options in the Default action drop-down list:
    • Tunnel with SNI check.

      The application will not intercept CONNECT requests for which no SSL connection processing rules are defined. These requests will not be taken into account in the statistics on processed traffic in the Dashboard section. It may also fail to apply protection rules and the following access rule conditions: MIME type of HTTP message, MIME type of HTTP message part, File size, HTTP Method.

    • Bump.

      The application will intercept CONNECT requests and analyze the contents of encrypted connections for which no SSL connection processing rules are defined. For services that do not support intercepts of CONNECT requests, you must create an SSL connection processing rule with the Tunnel action. If no such rules exist, an SSL connection may be blocked due to an intercept error.

    • Terminate.

      The application will block CONNECT requests for which no SSL connection processing rules are defined.

  3. Click Save.

The default action for SSL connections is now configured.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.