Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Configuring Web Settings > Configure Bypass Settings > Bypassing certificate verification
Bypassing certificate verification
The cloud service verifies certificates for HTTPS sites that it has decrypted and analyzed. Certificate verification is enabled by default on the SSL tab of the Bypass Settings page, and happens automatically in one of the following cases:
*
*
*
*
*
Certificate verification checks are numerous and apply to all certificates in the trust chain. For example:
*
*
*
To choose whether or not to use certificate verification, in the Certificate Verification Bypass section on the SSL tab, set Perform certificate verification to On or Off.
 
Important 
If certificate verification fails, the end user sees an error page and cannot access the website unless you allow them to access sites with certificate errors by marking Allow end users to bypass all certificate errors. In this case, end users see a notification page informing them that a certificate error has been detected, and have the option to either proceed to the site or go back. This notification page is not available for I Series appliances.
If you choose to perform certificate verification, you can maintain a list of domains and IP addresses for which the cloud service bypasses certificate verification errors. This enables end users to visit a site even if the certificate is invalid. You may want to do this for sites that you trust even if, for example, the certificate has expired, is not yet valid, or is self-signed.
You can manage domains and IP addresses for bypass as follows:
*
To add items for certificate verification bypass, enter one or more domain names or IP addresses separated by commas, then click Add. IP addresses can also include the port number (for example 127.0.0.1:80). You cannot add IP address ranges.
*
To delete a domain name or IP address from the bypass list, select the item and click Delete. You can use the Ctrl and/or Shift keys to select multiple items for deletion.
Click Save when done.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Configuring Web Settings > Configure Bypass Settings > Bypassing certificate verification
Copyright 2020 Forcepoint. All rights reserved.