Mapping IP addresses to the cryptographic keys

You can map an IP address to a key that you have uploaded, or you can upload a new key file when you set up IP mapping. You can map many SSL keys to one IP mapping.

Before you begin

Before the system can begin decrypting traffic from the IP address, you must enable the key in the

The macro unmigrated-inline-wiki-markup from Confluence is no longer available.

.

To map the IP address to the cryptographic key

The macro unmigrated-inline-wiki-markup from Confluence is no longer available.

 

Example

Your system is capturing encrypted traffic from the 192.0.2.12 IP address. The task is to map this IP address to the 2_cryptoKey.der cryptographic key that was uploaded previously. Its password is crypt0pa$$.

  1. In the the

    The macro unmigrated-inline-wiki-markup from Confluence is no longer available.

    component, point to Administration > Security settings, and then click Key management.
  2. On the Action menu, click Add new IP mapping.
  3. In the IP box, type the IP address to which you want to map the key (for example, 192.0.2.12).
  4. In the Port box, type the number of the port associated with the IP address (for example, 443).
  5. Click Attach an existing key, and in the Key name box, select the name of the cryptographic key that you want to map to the specified IP address (for example, 2cryptoKey.der).
  6. Click Save.

    The new IP mapping appears in the list of IP mappings. The system begins decrypting traffic from 192.0.2.12 using the 2cryptoKey.der key.

Related topic

Enabling-the-uploaded-key-files

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*