display ssl whitelist dynamic { ip ip-address | sni server-name | hostname host-name | all } [ all-systems ]
| Parameter | Description | Value |
|---|---|---|
| ip ip-address | Specifies the IP address for which the dynamic SSL domain name whitelist is displayed. | The IP address must be in the dynamic SSL domain name whitelist. |
| sni server-name | Specifies the server SNI for which the dynamic SSL domain name whitelist is displayed. | The server SNI must be in the SNI dynamic SSL domain name whitelist. |
| hostname host-name | Specifies the domain name for which the dynamic SSL domain name whitelist is displayed. | The domain name must be in the SNI dynamic SSL domain name whitelist. |
| all | Displays all information about the dynamic SSL domain name whitelist. | - |
| all-systems | Displays the dynamic SSL domain name whitelist information of all systems. | - |
The FW adds the IP address, port number, and SNI of the traffic to the dynamic SSL domain name whitelist when the FW cannot decrypt the traffic that matches the SSL-encrypted traffic detection policy. For the traffic that matches the dynamic SSL domain name whitelist, the FW does not perform SSL proxy. Instead, the FW transparently transmits the traffic.
# Display all whitelist information.
<sysname> display ssl whitelist dynamic all Total SSL whitelist(s): 1 ----------------------------------------- IP PORT SNI 10.1.1.1 443 www.test.com
Item |
Description |
|---|---|
Total SSL whitelist(s) |
Total number of records in the dynamic SSL domain name whitelist |
IP |
IP address of the server |
PORT |
Port number of the server |
SNI |
SNI of the client |