I would like to classify the SSL traffic with SSL Common Name criteria.
Please follow the procedure below to identify the SSL Common Name,
1. Create an SSL class with Service:SSL for inbound and outbound.
2. Access the CLI.
3. Use the class criteria track command to identify the certificate Common Names used in the SSL traffic. For example:
# class criteria track /inbound/ssl SSL commonName
4. Access the SSL websites you would like to classify, allowing a period of time for SSL traffic to be generated.
5. Use the class criteria recent command to show recent values for a class. For example:
# class criteria recent /inbound/ssl
Traffic Class: /Inbound/SSL
Application: SSL
Attribute: commonName (Common Name)
Recent Attribute Values (most recent first)
------------------------------------------------------------------------------
1. bluecoat.com
2. online.bluecoat.com
6. Turn off tracking when you are done. For example:
# class criteria track /inbound/ssl off
7. Once you have identified the Common Name, you can edit the SSL class matching rule and add the desired Common Name. Click on apply changes.