IT Consultant

Paul Wolff

<div>
Thanks for the info. So although there was no way to allow the specific URL for the CRL field on the certificate, I was able to work around this to block traffic and still allow this outbound using proxy. I was able to allow the URL and then the application security was functioning as needed! Thanks!
</div>


Thanks for the info. So although there was no way to allow the specific URL for the CRL field on the certificate, I was able to work around this to block traffic and still allow this outbound using proxy. I was able to allow the URL and then the application security was functioning as needed! Thanks!

<div>
<div class="content wysiwyg-content">
We have an internal program that uses a public certificate for security. We need to lock down the application on devices so they do not have any access outside of the program (client connects to a server using several ports) and Logmein (for remote support). <br />
<br />
I am using the Windows Firewall to block outbound traffic except for traffic we will allow for the program. The problem I am having is that the application will not run because the public certificate will not verify the certificate chain (for security on the user login). I have tried to turn off settings for revocation in Internet Options, but that is not what the problem is. It seems the app needs access to the internet to verify the certificate. So in Windows Firewall, I need to know what exactly do I need to open outbound?
</div>
</div>


We have an internal program that uses a public certificate for security. We need to lock down the application on devices so they do not have any access outside of the program (client connects to a server using several ports) and Logmein (for remote support). 

I am using the Windows Firewall to block outbound traffic except for traffic we will allow for the program. The problem I am having is that the application will not run because the public certificate will not verify the certificate chain (for security on the user login). I have tried to turn off settings for revocation in Internet Options, but that is not what the problem is. It seems the app needs access to the internet to verify the certificate. So in Windows Firewall, I need to know what exactly do I need to open outbound?

Windows Firewall - Outbound traffic for Certificate Verification

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Software Firewalls

This topic area includes legacy versions of Windows prior to Windows 2000: Windows 3/3.1, Windows 95 and Windows 98, plus any other Windows-related versions including Windows Mobile.

Windows OS

HTTPS is a protocol for secure communication over a computer network which is widely used on the Internet. HTTPS consists of communication over Hypertext Transfer Protocol (HTTP) within a connection encrypted by Transport Layer Security (TLS) or its predecessor, Secure Sockets Layer (SSL). The main motivation for HTTPS is authentication of the visited website and to protect the privacy and integrity of the exchanged data. HTTPS is widely used for protecting page authenticity on all types of websites, securing accounts and keeping user communications, identity and web browsing private.

SSL / HTTPS

Networking is the process of connecting computing devices, peripherals and terminals together through a system that uses wiring, cabling or radio waves that enable their users to communicate, share information and interact over distances. Often associated are issues regarding operating systems, hardware and equipment, cloud and virtual networking, protocols, architecture, storage and management.

Networking

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.