Secure Computing SSL Scanner User Manual

SSL Scanner

—

Bypass SSL Scanner

The SSL Scanner is bypassed completely, i. e. no activities whatso-
ever are performed.

Client Certificate Handling

The

Client Certificate Handling

section looks like this:

Using this section, you can configure what should happen if the server that is
requested by a client asks for a client certificate.

Using this section, you can configure tunneling for particular URL filtering cat-
egories. You can configure up to three categories for tunneling. These may
pre-defined or user-defined categories.

If you want to use additional categories, you need to enter them in the

global.ini

configuration file, which is located in the

conf

folder of the Web-

washer program files.

This tunneling option is not enabled by default. If you want to enable it, mark
the checkbox next to the section heading.

After specifying the appropriate information, click on

Apply Changes

to make

your settings effective.

Use the following radio buttons to configure the handling of client certificates:

•

Verify server certificate and use client certificates to decrypt ses-

sion

Enable this option to have both the server and the client certificate, i. e.
the certificate the client was requested to submit by the server, checked by
the verification process.

The certificate list is searched for the client certificate in order to authen-
ticate the client. If the search has been successful, the session will be
allowed and the communication decrypted. If no appropriate client certifi-
cate is found, the request will be denied.

Clicking on the

Client Certificates

link provided with this option, takes

you to the

Client Certificate

tab, where you can add more certificates to

this list.

4–11