Skip to content

Valtix Documentation

Valtix Decryption Profile Creation and Association

Valtix Documentation

Valtix Home
Documentation
Documentation
- Solution Overview
- Getting Started
  Getting Started
  - AWS
    AWS
    
    Overview
    
    Cloud Formation
    
    Account Onboarding
    
    Route53 Logging
    
    VPC Flow Logs
    
    Tech Notes
    Tech Notes
    
    IAM Roles
    
    Discovery Features
    
    VPC Setup
  - Azure
    Azure
    
    Overview
    
    AD Application
    
    Custom Role
    
    Marketplace Terms
    
    User Assigned Identity
    
    Account Onboarding
    
    VNet Setup
  - GCP
    GCP
    
    Overview
    
    Enable API
    
    Service Accounts
    
    Account Onboarding
    
    VPC Setup
- Discovery
  Discovery
- Security Gateways
  Security Gateways
  - Overview
  - AWS
    AWS
    
    Edge/VPC Mode
    Edge/VPC Mode
    
    Ingress
    
    Hub Mode using Transit Gateway
    Hub Mode using Transit Gateway
    
    Service VPCs
    Service VPCs
    
    Manage Service VPCs
    
    Manage Spoke VPCs
    
    Ingress
    
    Egress and East-West
  - Azure
    Azure
    
    Ingress
    
    Egress and East-West
    
    Service VNet
  - GCP
    GCP
    
    Ingress
    
    Egress and East-West
  - Upgrade
- Address & Service Objects
  Address & Service Objects
- Security Policy
  Security Policy
  - Ruleset
  - Rules
- TLS and Decryption
  TLS and Decryption
  - Certificates & Keys
  - Decryption Decryption
    Table of contents
    
    Associate the Decryption Profile with an Ingress Service Object
  - Tech Notes
    Tech Notes
    
    Azure Key Vault
    
    AWS KMS
    
    Self-Signed Certificates
- Network Threats
  Network Threats
- WAF and Application Threats
  WAF and Application Threats
  - WAF (Web Application Firewall)
  - L7 DoS (L7 Denial of Service)
- FQDN and URL Filtering
  FQDN and URL Filtering
  - FQDN
  - URL
- Packet Capture
  Packet Capture
  - Packet Capture
- Investigate & Analysis
  Investigate & Analysis
  - System Status
    System Status
    
    Audit Logs
    
    System Logs
  - Flow Analytics
    Flow Analytics
    
    Overview
    
    All Events
    
    Flow Logs
    
    Firewall Events
    
    Network Threats
    
    Web Attacks
    
    HTTPS Logs
    
    URL Filtering
    
    FQDN Filtering
    
    Traffic Summary
  - Network Analytics
    Network Analytics
    
    Stats
- Alerts & Notification
  Alerts & Notification
  - Overview
  - ServiceNow
  - Pagerduty
  - Slack
- Log Forwarding
  Log Forwarding
  - Splunk
  - Datadog
  - Syslog
  - GCP Logging
- Users & Settings
  Users & Settings
- Terraform
  Terraform
  - Terraform
Tutorials
Tutorials
- Overview
- AWS
  AWS
  - Egress & East-West
    Egress & East-West
    
    Discover
    Discover
    
    Step 1: AWS Setup
    
    Step 2: Add AWS Account
    
    Step 3: Discovery
    
    Deploy
    Deploy
    
    Step 1: Deploy Service VPC
    
    Step 2: Deploy Valtix Gateway
    
    Step 3: Protect Spoke VPCs
    
    Defend
    Defend
    
    Step 1: Policy Rule
    Step 1: Policy Rule
    
    Forward Proxy
    
    Forwarding
    
    Step 2: Security Profiles
    Step 2: Security Profiles
    
    IPS
    
    FQDN-Filtering
    
    Data Loss Prevention
  - Ingress
    Ingress
    
    Discover
    Discover
    
    Step 1: AWS Setup
    
    Step 2: Add AWS Account
    
    Step 3: Discovery
    
    Deploy
    Deploy
    
    Step 1: Deploy Service VPC
    
    Step 2: Deploy Valtix Gateway
    
    Step 3: Protect Spoke VPCs
    
    Defend
    Defend
    
    Step 1: Policy Rule
    
    Step 2: Security Profiles
    Step 2: Security Profiles
    
    IPS
    
    WAF
FAQ
FAQ
- FAQ
Release Notes
Release Notes

Decryption Profile¶

Decryption profiles are used for TLS termination in Ingress (ReverseProxy) and for impersonating and signing the external host's certificate in Egress (ForwardProxy) mode.

Navigate to Manage -> Profiles -> Decryption
Enter a name and a description.
In the Certificate Method choose Select Existing
Select the certificate
Click Save.

Associate the Decryption Profile with an Ingress Service Object¶

Check this document