Understanding Alerts and Configuring Exceptions
If CISE detects that a website is potentially using a fraudulent certificate it will present you with an alert similar to the following:
The alert means that the website you are visiting may be fraudulent as it is using a certificate signed by a root that is not in CISE's internal store of trusted root certificates.
- Protect me and block website access - Closes your connection to the website (recommended)
- Add certificate to exception list and continue – Adds the certificate to the whitelist and allows the connection to proceed. The root certiicate will not be flagged if CISE detects it in future on any sites. Only choose this option if you are sure the website can be trusted or is using, for example, a self-signed certificate that you have already been made aware of. Do not choose this option if this is one of your regular shopping or banking websites.
- Continue browsing this time only – Accept the connection only for the current session. CISE will warn you again if it detects this certificate next time.
You can whitelist certificates and websites in two ways:
- via the Windows Start Menu:
Click Start and select All Programs > Comodo > Internet Security Essentials
OR
- by clicking the cog icon in the alert:
This will open the CISE configuration screen:
- Enable protection - CISE will monitor the SSL certificates used on the sites you visit and will warn you if a potentially fraudulent certificate is used.
- Automatically install program updates (recommended) - CISE will check with Comodo servers every day for any updates.
You can add certificates and/or website(s) to the list of exceptions:
- Certificate exception - Certificates added to this list will not be flagged by CISE in future.
- Website exception - CISE will not flag any certificates on the domains you add here.
Add a certificate to exception
- Click the 'Add' under the 'Define exceptions for certificate' to open the certificate configuration dialog:
- Select
the certificate you wish to whitelist from the list of untrusted
certificates that CISE has encountered since installation.
OR
- Manually type the name (Common Name) of the root certificate you wish to exclude.
- Click 'Apply' for your settings to take effect.
- The certificate(s) will be added to the list of exceptions.
- Repeat the process to add more certificates.
Add a website to the exclusion list
- Click 'Add' under 'Define excluded websites' to open the website whitelist configuration dialog:
- Enter the URL of the web site you wish to exclude in the field provided then click 'Apply'.
- CISE will no longer flag potentially fraudulent certificates found on whitelisted domains.
- Click 'OK'. Repeat the process to add more websites.
Edit / remove a certificate / website
- To edit a website name or a certificate, select it and click 'Edit'.
- To remove a website or a certificate, select it and click 'Remove'.
- Click 'OK' for your settings to take effect