Unverifiable origin certificates

You can define how requests are handled when ETP Proxy cannot validate a website's origin certificate. This may occur if the certificate chain is not complete or the web server’s Certificate Authority (CA) is unknown to Akamai.

In an ETP policy configuration, an Invalid Certificate Response menu is available where you can select how ETP handles these certificates:
  • Block - Error Page. The request is blocked and the user is directed to an error page. For more information on Error pages in ETP, see Error pages.
  • Bypass. The request bypasses ETP Proxy. In this situation, the browser handles the certificate validation.

If there are websites that you don’t want directed to ETP Proxy, you can add them to a custom exception list. For more information, see Exception lists and Add a custom exception list.