Secure Computing SSL Scanner User Manual

SSL Scanner

A list entry consists of the following fields:

•

Host

- URL that caused the incident.

Incidents can be added to the certificate lists either

by host

or

by certifi-

cate

, as is shown in the fields used for configuring the policy-dependent

and independent certificate lists. If

by host

was selected, the input shown

here under

Host

becomes available.

A wildcard may be used to include a range of URLs, e. g.

*.webwasher.com

.

•

C (short for Common Name)

- If an incident was caused by a Common

Name mismatch, it is indicated here by a red lamp symbol. Otherwise there
will be a green lamp symbol.

•

E (short for Expired)

- If a certificate has expired, this incident is indicated

here by a red lamp symbol.

•

S (short for Self-signed)

- If an incident was caused by a self-signed

certificate, it is indicated here by a red lamp symbol.

•

R (short for Root Certificate Authority)

- If an incident was caused

by a failure during validation of the root certificate authority, it is indicated
here.

•

Policy

- Policy belonging to the certificate list this incident is going to be

added to.

•

Action

- Action configured for the policy and host/certificate that will apply

when the incident is added to a certificate list.

The list is sortable by

Host

and the

C(ommon Name)

,

E(xpired)

,

S(elf-

signed)

and

R(oot Certificate Authority)

failure attributes.

Note:

An incident that occurred for two or more different reasons, cannot be

added

by certificate

.

Whenever a certificate is added this way, errors that were caused by the cer-
tificate are ignored. Different reasons may occur, however, when a certificate
is inspected with regard to different policies.

If errors cannot be determined unambiguously, as is the case when there are
two or more reasons for an incident, the

by certificate

method cannot be

applied. Incidents can then only be added

by host

.

You can select several incidents from the list and add or delete them in one go
by clicking on the

Add

or the

Delete

button. If you wish to process an entry

separately, use the

Add

and

Delete

buttons in the same line.

If an incident was deleted from the list, it will not be ignored in the future, but
be generated again should it occur.

4–31