Sign In

Kibosh® Block-Page SSL

Why? 

The Kibosh Block Page  presents an SSL certificate to web browsers that make connections to HTTPS sites. The certificate will match the requested site but will be signed by the Kibosh Root Certificate Authority (CA.

If the Kibosh Root CA is not trusted by your browser, an error may (not always) be displayed. Typical errors include:

  • “The security certificate presented by this website was not issued by a trusted certificate authority.” (Internet Explorer)
  • “The site’s security certificate is not trusted!” (Google Chrome)
  • “This Connection is Untrusted.” (Mozilla Firefox).

Although the error is expected, the messages displayed can be confusing and annoying and you may wish to stop them from appearing.

To avoid these errors entirely, install the Kibosh Root CA in your browser, or the browsers of your users (if you’re a network admin). This can be done on a per-browser, per-machine basis for personal use or for small deployments.

For larger deployments, you can set up an automatic installation via Group Policy (GPO). Note that the automatic installation via GPO will only work for users with Internet Explorer or Chrome on Windows systems.

 

When HTTPS-enabled domains are blocked by a Kibosh policy, you will receive a block page , which is also served over HTTPS – and encrypted with a certificate signed by the Kibosh RootCA.

But, if the Kibosh RootCA is not trusted by your web browser – this SSL error may (not always) be displayed:

  • Internet Explorer: “The security certificate presented by this website was not issued by a trusted certificate authority.”
  • Chrome: “The site’s security certificate is not trusted!” 
  • FireFox: “This Connection is Untrusted.”

The error is random and expected and if you accept the error (i.e., tell your browser that you trust Kibosh.com) you will then be taken to the block page.

Although nothing in broken per se, the SSL error messages displayed in your browser can be confusing and annoying and you may wish to stop them from appearing.

Solution:

To avoid these errors entirely, install the Kibosh Root CA in your browser, or the browsers of your users (if you’re a network admin). This can be done on a per-browser, per-machine basis for personal use or for small deployments.

For larger deployments, you can set up an automatic installation via Group Policy (GPO) – see Advanced Setup below. 

How to install the KiboshCA.crt –

macOS 

  1. Download the KiboshCA.crt
  2. Right-click > Open With > Keychain Access
  3. Do you want to add the certificate KiboshCA.crt to a keychain?
    • Choose System
    • Click Add
    • Enter Admin Password
    • KiboshCA.crt is now in Keychain Access, but it still needs to be trusted…
    • Double-click on Kibosh Certificate with Red-X in Keychain Access
    • Choose Trust > Always Trust
    • Enter the Admin Password again
    • Update Settings

Windows 7,10,11 

  1. Download the KiboshCA.crt
  2. Double-click on KiboshCA.crt…
  3. Choose Open …
  4. Install Certificate
    • Choose Local Machine
    • Next
    • Choose Place all certificates in the following store
      • Browse…
      • Choose Trusted Root Certification Authority
      • OK
      • Next
    • Finish
    •  OK to The Import Was Successful
    • Reboot

DOWNLAOD KIBOSH ROOT-CA (macOS & Windows)

Technical Details – 

The Kibosh Block Page  presents an SSL certificate to browsers that make connections to HTTPS sites. The certificate will match the requested site but will be signed by the Kibosh Root Certificate Authority (CA.

If the Kibosh Root CA is not trusted by your browser, an error may (not always) be displayed. Typical errors include:

  • “The security certificate presented by this website was not issued by a trusted certificate authority.” (Internet Explorer)
  • “The site’s security certificate is not trusted!” (Google Chrome)
  • “This Connection is Untrusted.” (Mozilla Firefox).

Although the error is expected, the messages displayed can be confusing and annoying and you may wish to stop them from appearing.

To avoid these errors entirely, install the Kibosh Root CA in your browser, or the browsers of your users (if you’re a network admin). This can be done on a per-browser, per-machine basis for personal use or for small deployments.

For larger deployments, you can set up an automatic installation via Group Policy (GPO). Note that the automatic installation via GPO will only work for users with Internet Explorer or Chrome on Windows systems.

 

Updated: 6/24/25

Leave feedback

Home