SSL Scanner
To add an exception to the list, use the area labeled:
•Add new exception
In the input field provided here, enter the exception you want to add to the certificate list.
https:// has been entered in this field as default information at the begin- ning of an exception name. The input format for its remaining parts is:
host [:port]
Furthermore, configure the following methods for a new exception:
—by certificate
Enabling the by certificate method means that the certificate issued for the host you are adding as an exception is checked by the verifica- tion process.
After enabling this method, select an action from the
For the meaning of these actions, see the following table:
|
| by certificate |
| by host |
|
|
|
|
|
| Allow | The exception is allowed. |
| not available |
|
|
|
|
|
|
|
|
|
|
| Block | The exception is blocked. |
| The exception is blocked. |
|
|
|
|
|
|
|
|
|
|
| Tunnel | The activities of the SSL |
| The activities of the SSL |
|
| Scanner are bypassed and |
| Scanner are bypassed and |
|
| no verification process is |
| no verification process is |
|
| executed. |
| executed. |
|
|
|
|
|
|
|
|
|
|
| Warn Incident | The exception is allowed, but |
| not available |
|
| a warning is displayed. |
|
|
|
|
|
|
|
|
|
|
|
|
| Only Cert | not available |
| The content provided by the |
| Checking |
|
| host you are adding as an |
|
|
|
| exception is not decrypted, |
|
|
|
| and the exception is allowed. |
|
|
|
| Note: In this case, the |
|
|
|
| certificate will be checked. |
|
|
|
|
|
|
|
|
|
|
| Only | not available |
| The content provided by the |
| Decryption |
|
| host you are adding as an |
|
|
|
| exception is decrypted, and |
|
|
|
| the exception is allowed. |
|
|
|
|
|