A-Z Index of IT Support

One consequence of the Heartbleed flaw is that there is a small risk that a fake website could be set up to successfully masquerade as a legitimate website, even if the legitimate website has correctly revoked its potentially compromised security certificate. The only way to guard against this risk is to turn on a rarely used feature of your browser, which checks whether a certificate has been revoked before accepting it.

This feature has been turned on automatically for users of Internet Explorer and Chrome on domain PCs. Firefox users, and those using non-domain computers, will have to make the change themselves. Details of how to do so can be found below.


Firefox button | Options | Options | Advanced | Certificates | Validation

OR (if you have the Menu bar turned on)

Tools | Options | Advanced | Certificates | Validation

  • Use the Online Certificate Status Protocol (OCSP) to confirm the current validity of certificates - Tick
  • When an OCSP server connection fails, treat the certificate as invalid – Tick

Internet Explorer

Control Panel | Internet Options | Advanced   

  • Check for server certificate revocation - tick
  • Warn about certificate address mismatch - tick


Chrome Menu | Settings | Advanced

  • Check for server certificate revocation - tick

Options for this page:

Search All Guides | Search How-to Guides Only | List How-to Guides | Search FAQs Only

Page Last Updated: 30/04/2018 by Webmaster
© 2019 Department of Biochemistry
View printer-friendly version of this page