SonicOS 7.1 Firewall
SSL Control Events
Log events include the client’s username in the notes section (not shown) if the user logged in manually or was identified through CIA/Single Sign On. If the user’s identity is not available, the note indicates the user is Unidentified.
# | Event Message | Conditions When it Occurs |
---|---|---|
1 | SSL Control: Certificate with Invalid date | The certificate’s start date is either before the SonicWall’s system time or its end date is after the system time. |
2 | SSL Control: Certificate chain not complete | The certificate has been issued by an intermediate CA with a trusted top-level CA, but the SSL server did not present the intermediate certificate. This log event is informational and does not affect the SSL connection. |
3 | SSL Control: Self-signed certificate | The certificate is self-signed (the CN of the issuer and the subject match). For information about enforcing self-signed certificate controls, see SSL Control Events. |
4 | SSL Control: Untrusted CA | The certificate has been issued by a CA that is not in the Device > Settings > Certificates store of the firewall. For information about enforcing self-signed certificate controls, see SSL Control Events. |
5 | SSL Control: Website found in blacklist | The common name of the subject matched a pattern entered into the blacklist. |
6 | SSL Control: Weak cipher being used | The symmetric cipher being negotiated was fewer than 64 bits. For a list of weak ciphers, see SSL Control Events. |
7 | SSL Control: Failed to decode Server Hello | The Server Hello from the SSL server was undecipherable. Also occurs when the certificate and Server Hello are in different packets, as is the case when connecting to an SSL server on a SonicWall appliance. This log event is informational and does not affect the SSL connection. |
8 | SSL Control: Website found in whitelist | The common name of the subject (typically a website) matched a pattern entered into the Whitelist. Whitelist entries are always allowed, even if there are other policy violations in the negotiation, such as SSLv2 or weak ciphers. |
9 | SSL Control: HTTPS via SSLv2 | The SSL session was being negotiated using SSLv2, which is known to be susceptible to certain man-in-the-middle attacks. Best practices recommend using SSLv3 or TLS instead. |
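
An added example (not SonicWall code) of triaging these events in exported logs: it separates the two events the table marks as informational from whitelist matches and from policy violations, and counts violations per user taken from the note. The key=value line layout and the `msg`, `note`, `src` and `dst` field names are assumptions, and the sample lines are constructed.

```python
import re
from collections import Counter

# Events the table marks informational (no effect on the SSL connection).
INFORMATIONAL = {
    "SSL Control: Certificate chain not complete",
    "SSL Control: Failed to decode Server Hello",
}
# Whitelist matches are allowed even when other policy violations are present.
ALLOWED = {"SSL Control: Website found in whitelist"}

# Assumed layout: space-separated key=value pairs, values optionally quoted.
PAIR = re.compile(r'(\w+)=("([^"]*)"|\S*)')

def parse(line):
    """Return the key=value fields of one log line as a dict."""
    return {k: (inner if raw.startswith('"') else raw)
            for k, raw, inner in PAIR.findall(line)}

def triage(lines):
    """Bucket SSL Control events; count violations per user from the note."""
    buckets = {"informational": [], "allowed": [], "violation": []}
    per_user = Counter()
    for line in lines:
        f = parse(line)
        msg = f.get("msg", "")
        if not msg.startswith("SSL Control:"):
            continue  # not an SSL Control event
        if msg in INFORMATIONAL:
            buckets["informational"].append(f)
        elif msg in ALLOWED:
            buckets["allowed"].append(f)
        else:
            buckets["violation"].append(f)
            per_user[f.get("note") or "Unidentified"] += 1
    return buckets, per_user

# Constructed sample lines, not real firewall output.
SAMPLE = [
    'msg="SSL Control: Self-signed certificate" src=10.0.0.5 dst=203.0.113.7 note="jdoe"',
    'msg="SSL Control: Certificate chain not complete" src=10.0.0.5 dst=203.0.113.9 note="jdoe"',
    'msg="SSL Control: HTTPS via SSLv2" src=10.0.0.8 dst=198.51.100.4 note="Unidentified"',
    'msg="SSL Control: Website found in whitelist" src=10.0.0.9 dst=198.51.100.20 note="asmith"',
    'msg="SSL Control: Weak cipher being used" src=10.0.0.5 dst=198.51.100.4 note="jdoe"',
    'msg="Connection Opened" src=10.0.0.5 dst=198.51.100.4 note=""',
]

if __name__ == "__main__":
    print(triage(SAMPLE)[1])
```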