Webwasher 6.5 SSL Scanner User's Guide - McAfee
Webwasher 6.5 SSL Scanner User's Guide - McAfee
Webwasher 6.5 SSL Scanner User's Guide - McAfee
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Furthermore, there is this section on the tab:<br />
• Certificate Verification<br />
It is described in the following.<br />
Certificate Verification<br />
The Certificate Verification section looks like this:<br />
<strong>SSL</strong> <strong>Scanner</strong><br />
Using this section, you can configure actions for particular verification tests.<br />
After specifying the appropriate settings, click on Apply Changes to make<br />
them effective.<br />
Verification tests can be configured and performed according to the following<br />
criteria:<br />
• Common Name or (with wildcard certificates) wildcard does not<br />
match host name<br />
Compares the Common Name used in a certificate for a host to the host<br />
name as given by the corresponding URL. In some certificates the Common<br />
Name is represented by a wildcard with shell expressions being used<br />
(wildcard certificates).<br />
If no match can be established between a regular Common Name and the<br />
host name, the verification process looks for a wildcard and compares it to<br />
the host name. If this does not lead to a match either, the configured action<br />
is executed.<br />
One of the major features of trying to achieve security through trusted certificates<br />
is to guarantee the identity of a remote server. Therefore, it is<br />
imperative that the Common Name of a certificate is identical to the URL<br />
of the corresponding Web server.<br />
If you allow a connection nevertheless, there is no guarantee that spoofing<br />
(a Web site impersonates the Web site you actually wanted to visit) has not<br />
occurred.<br />
4–7