Use the Certificates tab to specify whether a robot should verify the identity of a web server that it accesses via HTTPS. Such a verification is routinely (and invisibly) done by ordinary browsers to detect phishing attacks. However, the verification is often not necessary when robots collect information, because the robots only access the web sites that they have specifically been written for. Thus the verification it is not enabled by default.
Verification is done in the same way a browser performs verification.
The web server's certificate is checked based on an installed set of trusted HTTPS certificates similar to those you can configure in a browser. See the Kofax Kapow Developer's Guide (enclosed during installation) for more information about HTTP certificates.
The following table describes the options on the Certificates tab.
|Verify HTTPS Certificates||
When checked, a robot verifies a web site's certificate when accessing it over HTTPS. Verification is done based on two sets of trusted certificates: the set of root certificates and an additional set of server certificates.
|HTTPS Client Certificates||
A list of client certificates that the robots can use. Use the buttons under the list to add or remove certificates.
Note that root certificates are installed with Design Studio just as root certificates are installed with your browser. They are found in the Certificates/Root folder in the application data folder. See the Kofax Kapow Developer's Guide (enclosed during installation) for more information.
Some HTTPS sites may use certificate authorities that are not included by default. In this case, you need to install the appropriate certificates for Design Studio to load from these sites. Most often, these would be installed in the Certificates/Server folder in the application data folder.
For the purpose of handling HTTPS sites, it does not matter whether you add certificates to the set of root certificates or the set of server certificates.
To install a certificate, you need to obtain the certificate as a PKCS#7 certificate chain, a Netscape certificate chain, or a DER-encoded certificate. You install the certificate by copying it to one of the folders mentioned above. The name of the file containing the certificate does not matter.