Нерасшифровываемые SSL-хосты

English translation: Non-decrypted SSL hosts

Login or register (free and only takes a few minutes) to participate in this question.

You will also have access to many other tools and opportunities designed for those who have language-related jobs (or are passionate about them). Participation is free and the site has a strict confidentiality policy.

GLOSSARY ENTRY (DERIVED FROM QUESTION BELOW)
Russian term or phrase:Нерасшифровываемые SSL-хосты
English translation:Non-decrypted SSL hosts
Entered by: nevaeva
Options:
- Contribute to this entry
- Include in personal glossary

20:44 Feb 25, 2018
Russian to English translations [PRO]
Tech/Engineering - IT (Information Technology) / Information Security / DL
Russian term or phrase: Нерасшифровываемые SSL-хосты
No context other than it's a user interface element of a data protection system.

TIA
nevaeva
Australia
Local time: 12:33
Non-decryptable SSL hosts
Explanation:
https://serverfault.com/questions/788127/configure-squid-to-...

--------------------------------------------------
Note added at 3 mins (2018-02-25 20:48:39 GMT)
--------------------------------------------------

Squid-3.5 can do that with the "ssl_bump splice" action if the traffic actually is TLS but not decryptable ...


--------------------------------------------------
Note added at 6 days (2018-03-04 16:18:59 GMT) Post-grading
--------------------------------------------------

Thank you so much!
Selected response from:

Vladys
Ukraine
Local time: 05:33
Grading comment
4 KudoZ points were awarded for this answer



Summary of answers provided
3 +2Non-decryptable SSL hosts
Vladys
3encrypted SSL host headers/names
Rashid Lazytech


Discussion entries: 3





  

Answers


5 hrs   confidence: Answerer confidence 3/5Answerer confidence 3/5
encrypted SSL host headers/names


Explanation:
How SNI Changed the Concept of Hosting HTTPS Web Sites? – Support Engineer Days Online
https://blogs.msdn.microsoft.com/omnia/2012/11/10/how-sni-ch...
== BEGIN QUOTE ==

The only two options to host multiple SSL sites on IIS:

1) Assign different IP addresses to different web sites. In that case you can assign different certificates to the different web sites because IIS can separate the web sites to serve for requests using the requested site’s IP address.

2) Use SAN or Wildcard certificate to host multiple web sites on same IP address and port (e.g.:443) then you need to use SSL Host Headers to separate multiple web sites.

For SAN Certificate we would add multiple host names (Domains) or subdomains like Contoso.com, DagHc1,DagHc1.Contoso.com

<...>

If you are using the same IP address and the same port (e.g.: 443) then when the request arrives to IIS, it cannot understand which site is requested because the requested host name is also encrypted in SSL session. So, IIS first needs to decrypt the request to have the host name, then it can identify the correct web site because it would have the requested host name. In other words, IIS understands which site to be served after decrypting the request with SSL and then is able to send the request to the correct web site. This means that when the request comes to the web server, as IIS do not know which site to serve, IIS cannot verify which SSL certificate to decrypt the request so there is a need to have just one certificate for decryption process with only one IP address and same port.

== END QUOTE ==

Run Multiple Websites On The Same IP Address And Port Even Over SSL - Steve Fenton
https://www.stevefenton.co.uk/2011/06/run-multiple-websites-...
== BEGIN QUOTE ==

Once you have run this for each web site, you should run an IIS Reset and make sure that all of your web sites have started. If you have forgotten one of the steps listed in this article, one of your web sites will refuse to start with a message about not being able to write a file that already exists.

What this process changes is that it allows IIS to decrypt the host-header using the shared certificate before it decides which web site can service the request. With the decrypted host header, IIS can route the request to the correct web site.

== END QUOTE ==


Please beware, it’s mostly a wild guess.


--------------------------------------------------
Note added at 5 hrs (2018-02-26 02:02:47 GMT)
--------------------------------------------------

I believe that in this case нерасшифровываемые means that host names stay encrypted but doesn’t mean that they cannot be decrypted. More context would certainly help.


--------------------------------------------------
Note added at 20 hrs (2018-02-26 17:04:54 GMT)
--------------------------------------------------

Another option:

SSL hosts [whose traffic is] excluded from decryption

The problem is you probably have to fit the translation into a limited space, so I enclosed part of the text in brackets.


Here’s an example:

Exclude domains from inspection of HTTPS traffic
http://help.stonesoft.com/onlinehelp/StoneGate/SMC/6.4.0/GUI...
== BEGIN QUOTE ==

The HTTPS Inspection Exceptions element is a list of domains that are excluded from decryption and inspection.

About this task

HTTPS Inspection Exceptions are used in a custom HTTPS service to define a list of domains for which HTTPS traffic is not decrypted. The custom HTTPS service must be used in a rule, and only traffic that matches the rule is excluded from decryption and inspection. HTTPS Inspection Exceptions are primarily intended for backwards compatibility.
== END QUOTE ==

Rashid Lazytech
Local time: 07:33
Specializes in field
Native speaker of: Native in RussianRussian
PRO pts in category: 44
Notes to answerer
Asker: Thank you. I agree that these are hosts that remain encrypted (not those that cannot be decrypted); but in this case it should be "non-depcrypted SSL hosts", because "non-decryptable" means that they cannot be decrypted.

Login to enter a peer comment (or grade)

2 mins   confidence: Answerer confidence 3/5Answerer confidence 3/5 peer agreement (net): +2
Non-decryptable SSL hosts


Explanation:
https://serverfault.com/questions/788127/configure-squid-to-...

--------------------------------------------------
Note added at 3 mins (2018-02-25 20:48:39 GMT)
--------------------------------------------------

Squid-3.5 can do that with the "ssl_bump splice" action if the traffic actually is TLS but not decryptable ...


--------------------------------------------------
Note added at 6 days (2018-03-04 16:18:59 GMT) Post-grading
--------------------------------------------------

Thank you so much!

Vladys
Ukraine
Local time: 05:33
Native speaker of: Native in RussianRussian
PRO pts in category: 16

Peer comments on this answer (and responses from the answerer)
agree  Jack Doughty
1 hr
  -> Thank you very much, Jack!

agree  Turdimurod Rakhmanov
4 hrs
  -> Thank you very much, Turdimurod!
Login to enter a peer comment (or grade)



KudoZ™ translation help

The KudoZ network provides a framework for translators and others to assist each other with translations or explanations of terms and short phrases.


See also:

Your current localization setting

English

Select a language

Term search
  • All of ProZ.com
  • Term search
  • Jobs
  • Forums
  • Multiple search