SSL Decryption Explained

SSL Decryption Explained: Decrypt Resign

Diagram labels:

  • Copy Cert to Client, Copy Cert to FP
  • Internal Cert, Internal Public Key, Internal Sig
  • Internal Private Key, Internal CA, Copy PVT Key
  • Yahoo Pub/Pvt Key
  • External, Internal
  • Original https request
  • SSL Tunnel Created Using Resigned Yahoo Cert
  • Clear
  • Using Original Yahoo Cert, Yahoo Public Key, Verisign Sig

SSL Decryption Explained: Decrypt Replace Key

*NOTE: The original untrusted signature is kept. If we resign, the client will trust an originally untrusted certificate, as they have a trusted Internal CA cert.

Diagram labels:

  • Copy Cert to Client, Copy Cert to FP
  • Internal Cert, Internal Public Key, Internal Sig
  • Internal Private Key, Internal CA, Copy PVT Key
  • Untrusted Pub/Pvt Key, Untrusted Cert, Untrusted Self Signed
  • External, Internal
  • Original https request
  • Untrusted Cert, Untrusted Public Key
  • Untrusted Cert, Untrusted Self Signed
  • *NOTE: SSL Tunnel Created Using original signed cert with Replace only Public Key
  • Clear
  • Untrusted Public Key
  • Using Original Untrusted Cert

SSL Decryption Explained: Decrypt Known Key

Diagram labels:

  • Copy Trusted Server Certificate to Client
  • Trusted Server Cert, Trusted Server Public Key, Trusted Server Self Sig
  • Copy Trusted Server PVT Key
  • Trusted Server Cert, Trusted Server Public Key, Trusted Server Self Sig, Trusted Server Private Key
  • DMZ, External
  • Original HTTPS request to DMZ Server
  • Trusted Server Cert, Trusted Server Public Key, Trusted Server Self Sig
  • SSL Tunnel Created Using original Trusted Certificates & Keys
  • Clear
  • Using Original Copies of Trusted Certificate & Keys