Certificates

A robot may need to verify the identity of a web server that it accesses (via HTTPS). Such a verification is routinely (and invisibly) done by ordinary browsers in order to detect phishing attacks. However, the verification is often not necessary when robots collect information, because the robots only access the web sites that they have specifically been written for. Thus the verification it is not enabled by default.

Certificates in Design Studio

Verification is done in the same way a browser does it: The web server's certificate is checked based on an installed set of trusted HTTPS certificates similar to those you can configure in a browser.

Option

Description

Verify HTTPS Certificates

When a robot accesses a web site over HTTPS, it will verify the site's certificate provided that this option is checked. Verification is done based two sets of trusted certificates: The set of root certificates and an additional set of server certificates.

HTTPS Client Certificates

A list of client certificates that the robots can use. Certificates can be added/removed by using the buttons underneath the list.

Options descriptions


Note that root certificates are installed with Design Studio just as root certificates are installed with your browser. They are found in the Certificates/Root folder in the application data folder.

Some HTTPS sites may use certificate authorities that are not included by default. In this case, you need to install the appropriate certificates for Design Studio to load from these sites. Most often, these would be installed in the Certificates/Server folder in the application data folder.

To be precise, it does not matter - for the purpose of handling HTTPS sites - whether you add certificates to the set of root certificates or to the set of server certificates.

To install a certificate, you need to obtain the certificate as a PKCS#7 certificate chain, as a Netscape certificate chain, or as a DER-encoded certificate. You install the certificate by copying it to either of the two folders mentioned above. The name of the file containing the certificate does not matter.