Webwasher 6.5 SSL Scanner User's Guide - McAfee
<strong>SSL Scanner</strong><br />
Using this section, you can configure actions for content with certificates issued<br />
by known Certificate Authorities (CAs) that are either trusted or untrusted, as<br />
well as for unknown Certificate Authorities.<br />
A vendor, having signed content by issuing a certificate, may request a CA to<br />
issue a certificate to sign this vendor certificate. This CA may itself have been<br />
signed by another CA, issuing certificates on a higher level. Together, these<br />
certificates form a certificate chain, which is inspected in a verification process.<br />
The CA that signed a certificate located on a lower level of the certificate chain<br />
is also called the root CA.<br />
The verification process begins by checking the CA that immediately signed<br />
the vendor certificate. It may be known, i.e., be included in the list of known<br />
CAs. If the CA is unknown, the verification process checks the CA on the<br />
next level and goes on to do so, until a known CA is found, or all CAs in the<br />
certificate chain have proven to be unknown. Usually, there are no more than<br />
three levels to a certificate chain.<br />
The first known CA to be found in the verification process is then checked as<br />
to whether it is trusted or untrusted. To be trusted, a CA must be included in<br />
the list of trusted CAs.<br />
The list of trusted CAs is configured in the Trusted Certificate Authorities<br />
section, which is also provided on this tab.<br />
To edit the list of known CAs, use the Known Certificate Authorities link,<br />
which is located at the top of this tab, to go to the tab provided for this purpose.<br />
When configuring actions for trusted CAs, remember that you have to select<br />
actions that include a Log Incident part, e.g. Block & Log Incident, if you<br />
want to have incidents related to these CAs listed by the incident manager.<br />
After specifying the appropriate settings here, click on Apply Changes to<br />
make them effective.<br />
Use the drop-down lists provided here to configure actions for the following<br />
situations:<br />
• First known CA is trusted<br />
Select an action here that should be taken if the first known CA is trusted.<br />
• First known CA is untrusted<br />
Select an action here that should be taken if the first known CA is untrusted.<br />
• Only unknown CAs found<br />
Select an action here that should be taken if only unknown CAs have been<br />
found.<br />
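The verification walk and the three situations above, modelled as an added example (this is not Webwasher code). The CA names, the sample chains and the "Allow" action are constructed placeholders; treating a CA that is on the trusted list but missing from the known list as unknown is how this example reads the description above.

```python
# Added example: models the verification walk described in this section.
# CA names, chains and the "Allow" action are constructed placeholders;
# only "Block & Log Incident" is an action name taken from the guide.
from enum import Enum


class Outcome(Enum):
    FIRST_KNOWN_TRUSTED = "First known CA is trusted"
    FIRST_KNOWN_UNTRUSTED = "First known CA is untrusted"
    ONLY_UNKNOWN = "Only unknown CAs found"


def classify_chain(issuers, known_cas, trusted_cas):
    """issuers: CA names ordered from the CA that immediately signed the
    vendor certificate up to the top of the chain.
    Returns (Outcome, name of the first known CA or None)."""
    for ca in issuers:
        if ca in known_cas:
            # The walk stops at the first known CA; CAs above it are not consulted.
            if ca in trusted_cas:
                return Outcome.FIRST_KNOWN_TRUSTED, ca
            return Outcome.FIRST_KNOWN_UNTRUSTED, ca
    return Outcome.ONLY_UNKNOWN, None


def select_action(issuers, known_cas, trusted_cas, actions):
    """Map the outcome of the walk to the action configured for it."""
    outcome, ca = classify_chain(issuers, known_cas, trusted_cas)
    return actions[outcome], outcome, ca


KNOWN = {"Example Root CA", "Example Legacy CA"}
TRUSTED = {"Example Root CA", "Example Unlisted CA"}  # second entry is not known
ACTIONS = {
    Outcome.FIRST_KNOWN_TRUSTED: "Allow",  # placeholder action name
    Outcome.FIRST_KNOWN_UNTRUSTED: "Block & Log Incident",
    Outcome.ONLY_UNKNOWN: "Block & Log Incident",
}

if __name__ == "__main__":
    chains = [
        ["Example Issuing CA", "Example Root CA"],  # unknown, then known and trusted
        ["Example Legacy CA", "Example Root CA"],   # known but untrusted CA comes first
        ["Example Unlisted CA"],                    # trusted list only, never known
    ]
    for chain in chains:
        action, outcome, ca = select_action(chain, KNOWN, TRUSTED, ACTIONS)
        print(f"{' -> '.join(chain)}: {outcome.value} ({ca}) => {action}")
```

The second chain shows why list order matters: a trusted CA higher in the chain does not rescue a certificate whose first known CA is untrusted.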