Open with table of contents

HTTPS Certificate Policy Settings

Specific sites can be added to a global HTTPS Certificate Policy list with a setting which specifies whether the site should be blocked or allowed if it fails certificateA digital means of proving your identity. When you send a digitally-signed message, you are sending your certificate and public key. Certificates are issued by a certification authority and can expire or be revoked. checks. If a site exists on this list that is allowed then the certificate for that site will not be checked.

The HTTPS Certificate Policy tab defines the policy for individual HTTPS Certificates. You can add a new Certificate Policy, edit an existing one or delete one of the policies.

The Certificates Awaiting Policy tab displays a list of runtime blocked certificates. You can define the policy (Allow or Block) for the Certificate.

To add an HTTPS Certificate Policy to the list:

1. From the Policy Center Home page, click HTTPS Policy. The HTTPS Policy page appears.
2. Click the HTTPS Certificate Policy tab to show the current list of HTTPS Certificate Policies.
3. Click New. The New HTTPS Certificate dialog appears.
4. Specify whether to Block or Allow using the drop-down list.
5. In Host, type a valid host name or IP address. If the host already exists, a warning message will be displayed.
6. In Description, type a description of the policy. You cannot use HTML tags; any HTML tags will be removed.
7. Click Add to add the name to the list.

To edit an HTTPS Certificate Policy in the list:

1. From the Policy Center Home page, click HTTPS Policy. The HTTPS Policy page appears.
2. Click the HTTPS Certificate Policy tab to show the current list of HTTPS Certificate Policies.
3. Select the certificate and click Edit. The Edit HTTPS Certificate dialog appears.
4. Specify whether to Block or Allow using the drop-down list.
5. In Host, type a valid host name or IP address. If the host already exists, a warning message will be displayed.
6. In Description, type a description of the policy. You cannot use HTML tags; any HTML tags will be removed.
7. Click Update .

Defining Certificates Awaiting Policy:

1. From the Policy Center Home page, click HTTPS Policy. The HTTPS Policy page appears.
2. Click the Certificates Awaiting Policy tab to show the current list of runtime blocked certificates.

3. Click Refresh to display an updated list of runtime blocked certificates.

   Please note that it can take up to 5 minutes for a new problem with a website's certificate to be displayed in this list. If you Block or Allow a site in this list, the action will not take effect until you next apply the configuration. If you Delete a problem report you might experience a delay of up to 5 minutes before the report is removed. Please note that this delay does not affect browsing.

4. Select an item or items in this list to display the Allow, Block and Delete buttons.
5. Click Allow to move the selected items to the HTTPS Certificate Policy tab and add them to the certificate policy list with an Action set to Allow and Description set to be empty.
6. Click Block to move the selected items to the HTTPS Certificate Policy tab and add them to the certificate policy list with an Action set to Block and Description set to be empty.
7. Click Delete to remove the selected items from the blocked certificate list until the next time any user visits the site. The items that have been hidden successfully will then be removed from the certificate list on the tab.

When you have finished modifying your policy, you must apply the new configuration.

See also...

• Apply the new configuration

© 1995–2018 Clearswift Ltd.