Documentation | Support

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Block Page Management > Secure block pages
Secure block pages
Administrator Help | Forcepoint Web Security and Forcepoint URL Filtering | v8.5.x
Filtering Service can be configured to serve block pages using the HTTPS protocol so that sensitive information is protected.
 
* 
Important 
TLS v1.2 is required to successfully serve an HTTPS block page, but some browsers disable TLS v1.2 by default. To use this feature, TLS v1.2 must be enabled on the client browsers.
1.
Generate a TLS certificate and key for each instance of Filtering Service that is serving HTTPS block pages.
See Generating keys and certificates for instructions on how to generate the certificate and key, and how to accept the certificate in the client browser.
 
* 
Note 
Using a self-signed certificate is not advisable, because some of the latest browsers do not allow you to easily override certificate verification. Create a Certificate Authority (CA) first, and then use that to sign the block page certificate.
The CA certificate can be installed as a trusted root CA on Windows for IE and Chrome browsers, but needs to be installed separately on Firefox. This process is similar to the process used for proxy SSL decryption certificates.
2.
Stop Filtering Service.
3.
Use a text editor to edit the file eimserver.ini (by default, in C:\Program Files\Websense\Web Security\bin or /opt/Websense/bin/).
Under the [WebsenseServer] section, add the following values:
SSLBlockPage=on
SSLCertFileLoc=<path to SSL certificate>
SSLKeyFileLoc=<path to SSL key>
4.
Save eimserver.ini.
5.
Restart Filtering Service.
 
* 
Important 
If SSLBlockPage is enabled, then Manual Authentication will also use HTTPS, even if Secure Manual Authentication is not enabled.
 
* 
Important 
If secure block pages are enabled and client browsers are set to proxy through Content Gateway, port 15871 must be included in the Tunnel Port or HTTPS ports list on the Configure > Protocols > HTTP page of Content Gateway manager.
See Secure manual authentication for additional details.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Block Page Management > Secure block pages
Copyright 2023 Forcepoint. All rights reserved.