SSL Bumping is a process by which SSL encrypted traffic is decrypted, processed by the proxy server, and then re-encrypted with a different certificate that is trusted by the client (e.g. web browser via a root certificate) and then sent back to the client.

For instance, suppose a user wishes to access https://cloudmersive.com. Without SSL bumping, the browser will send an HTTP request with method of CONNECT to the forward proxy server and the domain name cloudmersive.com; the proxy server will then open an encrypted tunnel to this server. Because the encrypted tunnel is still encrypted with the cloudmersive.com public certificate, the proxy server will not be able to decrypt its contents and thus apply security policies that require the contents of the request (e.g. virus scanning).

SSL bumping replaces this process with the following: when the request is sent to the Proxy server, it opens an SSL connection with a self-signed certificate that is trusted by the browser. The proxy will then see the entire contents of the incoming request because it can decrypt this request, and the browser will allow this to occur because it trusts the certificate sent back by the Proxy server. The forward proxy server will then do any needed processing of the request and then send this request on to the upstream server as a normal HTTPS request, and retrieve the response. When the response is received, it will be processed, and then re-encrypted using the self-signed certificate trusted by the browser. The browser accepts this response and displays it on the screen.

Note that key to this process working: the browser or client OS must have the relevant self-signed root certificate installed as a trusted certificate authority on the client to allow SSL bumping to function and provide the needed security.