Key management views
In the
component, point to Administration > Security settings, and then click Key management. The following views present information on this page:- Traffic status view — A graph that shows the following metrics:
- The ratio of plain text to secure traffic
- The ratio of decrypted traffic to not decrypted
- The ratio of HTTP (plain text) and HTTPS (secure) to other protocols
- The percentage of traffic that is not decrypted because the corresponding cryptographic key is turned off, not working, or missing
- Keys view — Lists the keys that have been uploaded to the system
- IP mappings view — Lists the IP addresses and port numbers associated with the uploaded cryptographic keys
- IPs with no keys view — Lists the IP addresses and port numbers detected by the system but not mapped to a cryptographic key
- Alert settings view — Interface for setting up alerts about the SSL keys no longer decrypting traffic
Key status/IP mapping detection status
Symbol | Status |
|---|---|
| SSL key file is missing. This might happen if the SSL key is configured but the key file itself is deleted. |
| IP mapping is deciphering the encrypted traffic normally. |
| IP mapping is not deciphering encrypted traffic. |
| IP mapping has no traffic. |
| IP address has no matching IP mapping. |
The following limitations exist:
- The system can store up to 500 keys.
- The system supports PEM, DER and PFX SSl key formats.
- For security reasons, you cannot download the keys from the system.
Supported cipher suites
Cipher suite | Encryption algorithm | Cipher block length, bits | MAC algorithm |
|---|---|---|---|
1 | No encryption | 0 | MD5 |
2 | No encryption | 0 | SHA |
3 | RC4 | 128 | MD5 |
4 | RC4 | 128 | MD5 |
5 | RC4 | 128 | SHA |
6 | RC4 | 128 | MD5 |
7 | IDEA | 128 | SHA |
8 | DES | 64 | SHA |
9 | DES | 64 | SHA |
10 | Triple DES | 192 | SHA |
47 | AES | 128 | SHA |
53 | AES | 256 | SHA |
59 | No encryption | 0 | SHA256 |
60 | AES128 | 128 | SHA256 |
61 | AES256 | 256 | SHA256 |
65 | CAM128 | 128 | SHA |
96 | RC4 | 128 | MD5 |
97 | RC2 | 128 | MD5 |
98 | DES | 64 | SHA |
100 | RC4 | 128 | SHA |
132 | RSA | 256 | SHA |
146 | PSK | 128 | SHA |
147 | PSK | 192 | SHA |
148 | PSK | 128 | SHA |
149 | PSK | 256 | SHA |
150 | RSA | 128 | SHA |
182 | PSK | 128 | SHA256 |
183 | PSK | 256 | SHA384 |
184 | PSK | 128 | SHA256 |
185 | PSK | 256 | SHA384 |
65664 | RSA | 128 | MD5 |
131200 | RSA | 128 | MD5 |
196736 | RSA | 128 | MD5 |
262272 | RSA | 128 | MD5 |
327808 | RSA | 128 | MD5 |
393344 | RSA | 64 | MD5 |
458880 | RSA | 192 | MD5 |
524416 | RSA | 128 | MD5 |
Related topic