SonicOS 7.1 Firewall

Technical Documentation>  SSL Control>  SSL Control Events
Table of Contents

SSL Control Events

Log events include the client’s username in the notes section (not shown) if the user logged in manually or was identified through CIA/Single Sign On. If the user’s identity is not available, the note indicates the user is Unidentified.

SSL control: Event messages
# Event Message Conditions When it Occurs
1 SSL Control: Certificate with Invalid date The certificate’s start date is either before the SonicWall’s system time or it’s end date is after the system time.
2 SSL Control: Certificate chain not complete
The certificate has been issued by an intermediate CA with a trusted top-level CA, but the SSL server did not present the intermediate certificate. This log event is informational and does not affe3ct the SSL connection.
3 SSL Control: Self-signed certificate

The certificate is self-signed (the CN of the issuer and the subject match).

For information about enforcing self-signed certificate controls, see SSL Control Events.
4 SSL Control: Untrusted CA

The certificate has been issued by a CA that is not in the Device > Settings > Certificates store of the firewall.

For information about enforcing self-signed certificate controls, see SSL Control Events.
5 SSL Control: Website found in blacklist The common name of the subject matched a pattern entered into the blacklist.
6 SSL Control: Weak cipher being used

The symmetric cipher being negotiated was fewer than 64 bits. For a list of weak ciphers, see SSL Control Events.
7 SSL Control: Failed to decode Server Hello The Server Hello from the SSL server was undecipherable. Also occurs when the certificate and Server Hello are in different packets, as is the case when connecting to a SSL server on a SonicWall appliance. This log event is informational, and does not affect the SSL connection.
8 SSL Control: Website found in whitelist The common name of the subject (typically a website) matched a pattern entered into the Whitelist. Whitelist entries are always allowed, even if there are other policy violations in the negotiation, such as SSLv2 or weak ciphers.
9 SSL Control: HTTPS via SSLv2

The SSL session was being negotiated using SSLv2, which is known to be susceptible to certain man-in-the-middle attacks. Best practices recommend using SSLv3 or TLS instead.