SSL Termination

SSL operations need to be changed to Prophaze WAF itself. It needs to decrypt the encrypted data to get access to HTTP data to identify any known threats in the post content, etc. WAF can then communicate with the server in plain text or SSL.

Having a copy of the SSL private key in the WAF can decrypt the encrypted traffic. The original requests and responses are never affected; they reach the web server, where they are separately decrypted.

PreviousPerformance NextModes of Operation

Last updated 2 months ago