Support

Go to the table of contents Go to the previous page Go to the next page Go to the index View or print as PDF
Working With Encrypted Data > Managing Web HTTPS site access > Adding Web sites to the incident list
Adding Web sites to the incident list
Help | Content Gateway | Version 7.7.3
Use Configure > SSL > Incidents > Add Website page to specify sites that you want to allow, blacklist, or tunnel. Sites that are added manually are assigned chronological Ticket IDs. These appear on the incident list. See Viewing incidents.
1.
Enter the URL of the site you are adding to the Incident List.
 
* 
Note 
When specifying an IPv6 address, do not enclose the address in square brackets ([]).
2.
Select either By Certificate or By URL.
*
By Certificate provides greater security. If you add a Web site by certificate, clients cannot bypass the policy by using the IP address rather than the URL. When you select By Certificate, SSL Manager retrieves the server certificate and adds the site to the incident list. See Viewing incidents.
If sites are blocked by certificates, wildcard certificates are not accepted, even if the common name is recognized.
*
Select By URL to tunnel, allow, or blacklist the site.
3.
In the Action drop-down list, specify if the site should be added with Tunnel, Allow, or Blacklist status. See The incident report for details.
*
Tunnel: (Valid for By URL only) The site is tunneled. Traffic is not decrypted and SSL Manager does not check the certificate.
 
* 
Note 
Tunnel by URL is valid only for explicit proxy traffic. To tunnel transparent proxy traffic use ARM Static bypass rules.
*
Allow: Users can access the site even if the certificate is not valid. Traffic is decrypted, and certificate checking is disabled.
*
Blacklist: The site is completely blocked. Users cannot access this site even if the Verification Bypass is configured.
4.
Click Apply.
It is recommended that you manually add sites to the incident list after you have monitored your network traffic for a period of time, with the certificate verification engine disabled. (See Configuring validation settings.) This enables you to improve performance by tunneling trusted sites and blocking those you know should not be accessed. See The incident report for information about assigning a status, such as tunneling, to a site and incident.
Print print article Email email article Font Size: A A

Search

Article Rating:

Do you have any additional feedback?    Email: close

Related Articles

Quick Links

Service Requests

How are we doing?

Provide us feedback on your experience with the Service Request portal.

provide feedback >

Go to the table of contents Go to the previous page Go to the next page Go to the index View or print as PDF
Working With Encrypted Data > Managing Web HTTPS site access > Adding Web sites to the incident list