Go to the table of contents Go to the previous page Go to the next page Go to the index View or print as PDF
Working With Encrypted Data > Managing Web HTTPS site access > Adding Web sites to the incident list
Use Configure > SSL > Incidents > Add Website page to specify sites that you want to allow, blacklist, or tunnel. Sites that are added manually are assigned chronological Ticket IDs. These appear on the incident list. See Viewing incidents.
Note 
When specifying an IPv6 address, do not enclose the address in square brackets ([]).
2.
Select either By Certificate or By URL.
*
By Certificate provides greater security. If you add a Web site by certificate, clients cannot bypass the policy by using the IP address rather than the URL. When you select By Certificate, SSL Manager retrieves the server certificate and adds the site to the incident list. See Viewing incidents.
*
Select By URL to tunnel, allow, or blacklist the site.
*
Tunnel: (Valid for By URL only) The site is tunneled. Traffic is not decrypted and SSL Manager does not check the certificate.
Note 
*
Allow: Users can access the site even if the certificate is not valid. Traffic is decrypted, and certificate checking is disabled.
*
Blacklist: The site is completely blocked. Users cannot access this site even if the Verification Bypass is configured.
4.
Click Apply.
It is recommended that you manually add sites to the incident list after you have monitored your network traffic for a period of time, with the certificate verification engine disabled. (See Configuring validation settings.) This enables you to improve performance by tunneling trusted sites and blocking those you know should not be accessed. See The incident report for information about assigning a status, such as tunneling, to a site and incident.

Go to the table of contents Go to the previous page Go to the next page Go to the index View or print as PDF
Working With Encrypted Data > Managing Web HTTPS site access > Adding Web sites to the incident list