It may be noticed that ECC (Elliptic Curve Cryptography) or RSA based SSL / TLS sites are not able to be decrypted on the SSL visibility device. These connections may appear to be cut through even though there is no cut-through rule.
The SSL Visibility device will need two resigning certificates to be able to intercept and decrypt all ciphers. One for RSA, and another for Elliptical Curve cipher. If one of these are missing, it will need to be created and added.
In this example we are creating a missing ECC key for resigning.
Step 1 - Create a new signing cert for Eliptical Curve resigning: