I am using the cutting edge pixelserv-tls to block ads, it runs on the router, and serves a pixel in place of ads served over http & https. I have imported the cert both into windows and firefox browser, Eset sees each CA cert "issued" as unique, on every website, for every unique ad... thus eset warns me sometimes 5-10 times on a single website, and on every website that has ads I must allow each one individually.
The problem is that ESET does not whitelist all issuance by a single CA, or allow users to custom define the certificate name and subject, as seen below; These options are greyed out when defining a new custom rule as well. If we could add strictly a wildcard * to certificate name and subject, then ALL pixelserv certs would be accepted; but we're forced to allow them one at a time on every single ad, on every single website that has ads. The only solution I can see is disabling SSL protocol filtering, which means no realtime antivirus scanning within web-browsers, or automatically blocking all communication that uses any so called 'invalid' certificate. This reduces functionality, and may decrease browsing performance, as importing the certs is supposed to speed up the blocking process.
If there is no other solution, please add the appropriate functionality to whitelist certificates.
