Handling encrypted traffic

Failed to execute the [bmc-contextid] macro.

A web application uses encryption to protect sensitive data that travels between the client and the server. Without the proper deciphering mechanism, the system cannot decrypt the intercepted traffic.

For the system to decipher encrypted traffic, the Security role user uploads cryptographic keys to the

The macro unmigrated-inline-wiki-markup from Confluence is no longer available.

and maps them to the particular IP addresses and port numbers.

The following topics provide information and instructions about handling the encrypted traffic:

Note

This information is specific to traffic as it is captured by the

The macro unmigrated-inline-wiki-markup from Confluence is no longer available.

on its way into

The macro unmigrated-inline-wiki-markup from Confluence is no longer available.

, and not traffic data flowing between the Collector and Analyzer components.

Monitor the flow of encrypted traffic by reviewing the following information:

  • Traffic-capture statistics (the Home page of

    The macro unmigrated-inline-wiki-markup from Confluence is no longer available.

    )

  • Traffic-status analysis (

    The macro unmigrated-inline-wiki-markup from Confluence is no longer available.

     > Administration > Security settings > Key management)

Tip

If the Key management page shows any errors related to encrypted traffic, you can click links to troubleshoot the problem. For example, if you click the n% no key, the system shows a list of IP addresses and port numbers that have been detected but not mapped to cryptographic keys.

Note

If you have enabled the Automatic page reload feature, the Key management page automatically refreshes regularly.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*