SSL Scanner
If the Common Name in a certificate is, e. g. abcde.com, but the Web server’s URL is in fact www.abcde.com, no match is achieved.
•Wildcard matches host name
Compares the wildcard used in a certificate to represent a Common Name to the host name. So, e. g. the wildcard expression *.ccc.de matches www.ccc.de.
If a match is achieved, the configured action will be executed.
•Certificate is expired for more than ... days
Checks if a certificate has expired. If more than the number of days config- ured here have elapsed since expiration of the certificate, the configured action will be executed. A grace period may allow the use of the certificate even after it has expired.
Enter the desired number of days in the input field provided with this option.
•Certificate is revoked
Checks if a certificate has been revoked. For this purpose, the Certificate Revocation List (CRL) is used. If the certificate has been revoked, the configured action will be executed.
•Revocation status is unresolvable
The reason why the revocation status is unresolvable could be that the cor- responding certificate authority or the path leading to the Certificate Revo- cation List (CRL) is not known.
4.4
Scan Encrypted Traffic
The Scan Encrypted Traffic options are invoked by clicking on the corresponding button under SSL Scanner:
If you want to enable any of these options, make sure the checkbox on this button is also marked. The checkbox is marked by default.
After modifying the setting of this checkbox, click on Apply Changes to make the modification effective.
These are