Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

TPS SSL Inspection and Private Keys

    • Updated:
    • 28 Sep 2017
    • Product/Version:
    • TippingPoint TPS All
    • Platform:
Summary

The 2200T Threat Protection System (TPS) device offers the ability to perform SSL inspection by purchasing the relevant license. If the device is not licensed for SSL inspection, the SMS displays a notification. Once you install a license file that allows for SSL inspection, you must reboot the device for the change to take effect. When configuring the TPS device for SSL inspection, you have the ability to store the private keys either locally on the TPS or remotely on the SMS.

Details
Public

Persist Private Keys: Enabled / Disabled

Disabled: This option is recommended if you wish to keep keys in only one location. In this case the keys will only be persisted (stored) on the SMS. The TPS device will request the keys from the SMS when needed. If the SMS is not available, or the private key password has not been entered then any SSL traffic will continue to pass through the box un-inspected until the device retrieves the private keys.

Enabled: Private keys are stored on the device. This option does not require the SMS to be available or the private key password to be entered on the SMS in order for the SSL feature to be enabled.

Things to think about;

  1.  If the “Persist Private Keys” option is disabled (keys are stored in the SMS) and the TPS device re-boots, the device will lose the keys and will have to request them from the SMS.
  2.  If the “Persist Private Keys” option is enabled (keys are stored in the device) and the option is disabled, the keys will persist in memory until the device is re-booted. After the reboot, the device will not have the keys so it will reach back to the SMS to send them down. Until the device gets those keys it will not be able to decrypt SSL traffic.
Premium
Internal
Rating:
Category:
Configure; Troubleshoot; Deploy
Solution Id:
TP000090900
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.