firewall : ssl-ssh-profile : config {ftps | https | imaps | pop3s | smtps}
 
config {ftps | https | imaps | pop3s | smtps}
Configure SSL protocol options.
Variable
Description
Default
ports <port_number_list>
Enter the port numbers to scan for this protocol.
Defaults: ftps 990, https 443, imaps 993, pop3s 995, smtps 465.
Depends on protocol.
allow‑invalid‑server‑cert {enable | disable}
Enable to allow SSL sessions whose server certificate validation failed.
Depends on protocol and profile.
client-cert-request {bypass | inspect | block}
Select what action is taken by the FortiGate SSL proxy when the client certificate request fails during the SSL handshake.
SSL sessions that use client-certificates bypass the SSL inspection by default. This command offers the options to inspect or block that traffic.
Depends on protocol and profile.
ssl‑ca‑list {enable | disable}
Enable to verify SSL session server certificate against stored CA certificate list.
Depends on protocol and profile.
status {certificate‑inspection | deep-inspection | disable}
Set type of inspection for this protocol.
Depends on protocol and profile.
unsupported-ssl {bypass | block}
Select whether to bypass or block undecryptable SSL sessions.
Depends on protocol and profile.