Symptom
SSL decryption failing to servers with unsupported ciphers.
Error UNSUPPORTED_EXTENSION (0xb0000152) can appear in the connection event.
Conditions
Physical and virtual managed devices, ASA with FIREPOWER Services devices, and physical and virtual Firepower Threat Defense devices with an SSL policy.
SSL policy configured with a rule to decrypt traffic below a rule to not decrypt traffic specifying one or more common names.
Workaround
Disable the "Do not decrypt" rule specifying the common names, or if possible, switch it to a rule specifying IP addresses or zones.
Further Problem Description
