Editing a Certificate Whitelist
Each search security certificate can include a list of trusted IP addresses from which it can be used as well as a list of trusted identities it can impersonate. By default, both lists are empty, meaning that a certificate can impersonate everyone and can be used on any server.
Certificates are identified by their thumbprint (see Finding the Thumbprint of a Certificate). The thumbprint for a certificate used by a Coveo Front-End server must be added to the whitelist of the Coveo Master server to which it sends queries. The whitelist is automatically populated to all the mirrors of a Coveo instance so there is no need to do this step on the other mirrors if any.
Contact Coveo Support for instructions on how to edit a certificate whitelist.