I would like to classify the SSL traffic with SSL Common Name criteria.

Please follow the procedure below to identify the SSL Common Name,

1. Create an SSL class with Service:SSL for inbound and outbound.

2. Access the CLI.

3. Use the class criteria track command to identify the certificate Common Names used in the SSL traffic. For example:

# class criteria track /inbound/ssl SSL commonName

4. Access the SSL websites you would like to classify, allowing a period of time for SSL traffic to be generated.

5. Use the class criteria recent command to show recent values for a class. For example:

# class criteria recent /inbound/ssl

Traffic Class: /Inbound/SSL
Application: SSL
Attribute: commonName (Common Name)

Recent Attribute Values (most recent first)
------------------------------------------------------------------------------
1. bluecoat.com
2. online.bluecoat.com

6. Turn off tracking when you are done. For example:

# class criteria track /inbound/ssl off

7. Once you have identified the Common Name, you can edit the SSL class matching rule and add the desired Common Name. Click on apply changes.