I just purchased ESET Internet Security to go with a new system. Everything was fine before I actually installed ESET. I was able to use Firefox and reach websites and they displayed correctly.
After installing ESET, the majority of websites were unreachable. Most were blocked by Firefox as insecure, and the few that weren't completely blocked were broken; their CSS wasn't loading at all.
The issue seems to be that ESET somehow takes over the security certificate function. Every single website that was completely blocked was shown as having a certificate issued by ESET SSL FILTER CA, which Firefox said was not a recognized certificate vendor.
If I turn off Application Protocol Content Filtering, then most sites seem to work. But turning off that filter removes much of the reason why you would use ESET as an antimalware/security solution in the first place.
I've attached images of the messages that Firefox is giving, both the initial block, and the certificate it's seeing on every single site that gets blocked. I'm using pcworld.com as the example, although it happens many many many places.
"Mozilla message.jpg" shows the initial block message. On sites where the "accept the risk and continue" message appears, if you pick that option, the site that appears is invariably broken, and its CSS doesn't load at all. On sites with HSTS implemented, the "accept the risk and continue" message doesn't even appear.
"Certificate 1 pcworld BROKEN.jpg" shows the certificate that Firefox is seeing for, quite literally, each and every blocked and broken site.
"Certificate 2 pcworld working.jpg" shows the certificate that Firefox sees when I turn off application content protocol filtering. It's very different.
Is there any way to fix this other than simply disabling the protocol content filtering?