? Lost me a tad.
Firewall stuffDon't worry about it. If you start a conversation with some remote thing, generally rules will be dynamically created so they can talk back to you.
Certificates There was a cabal, and we all agreed to trust some big white hats. These big white hats approved little white hats.
When we talk to minion FRED, and say prove who you are, he says "here's a piece o'paper that tells you to check my bona fides with SALLY", and when we ask SALLY, she says "talk to my boss, Big White Hat TOM". TOM says, "yep, I gave a bit o'paper to SALLY, who gave a bit o'paper to FRED, whose giving you a
copy of his paperwork, with a receipt number on it"
So you wander along, and look at stuff from TOM again, and he says "here's my paperwork", and you say "that's rubbish - I've
got paperwork from you with that receipt number already".
The copy of paperwork being held could be stored in any of your local 'filing cabinets'; the quick way to determine if it's a copy being held in your personal/family/machine cabinet is to swap out the whole device, but leave all your cabling in place - if a second device manage to access the site w/o issue, then we know we need to trace and burn your copy of TOM's paperwork on first device. If the second device fails in same manner, finding out why somebodies fobbing you off with paperwork you've already got a copy of can be more complex.
As DM states, in the latter case nuking stuff will generally just require you (at worst) to accept a profferred piece of paper next time you look at a site - 9/10 times if the paperwork is just for you to note the chain of white hats it will be quitely accepted and filed.