dcouzin

The exclusion appears to have been done correctly -- see screenshot -- but NOD32 does not allow access. It doesn't cede to Chrome (which today allows access) as NOD32 does do when SSL/TLS protocol filtering is totally disabled. It's little trouble to disable the filtering, use Chrome to visit the site, and then to reenable the filtering. I'll keep watching how Chrome allows access vs. how NOD32 does. Presently Chrome does and Firefox doesn't, and even when Chrome doesn't there's "thisisunsafe". How well does the certificate system assure browsing safety? And how often do perfectly safe sites have bad certs, even bad intermediate certs? DC

Based on your suggestion, I put the bad certificate into the "List of known certificates". In "Access action" I ticked "Allow (even if untrusted)". In "Scan action" I ticked "Ignore". Using Chrome then, NOD32 still blocked me from the site. What did I do wrong?

indianpunchline.com's certificate status is moving target. As of yesterday, by disabling NOD32's SSL/TSL protocol filtering I could address the site in Chrome where I could then get around that browser's NET::ERR_CERT_REVOKED by simply typing "thisisunsafe". As of today, with NOD32's SSL/TSL protocol filtering disabled, Chrome lets me visit the site immediately, without the passphrase. Yet Firefox doesn't let me visit the site, and NOD32, with SSL/TSL protocol filtering reenabled, certainly doesn't. Google programmers aren't dunderheads. The site is safe enough for cautious use. Chrome's addressbar shows the connection as "Not secure". Why isn't this sufficient? Since the goal of browsing is information, not the feeling of absolute safety, why can't NOD32 include some grown-up bypasses? DC

The state of the certificate for indianpunchline.com worsened since I described my workaround yesterday. Now, even without NOD32's interference, no browser can open that page. So, was NOD32 smarter than the browsers yesterday, when it wouldn't, but they would let me choose to see that page? Or was NOD32 just stricter? DC

@Marcos, You have addressed the first fault: that NOD32 allows no bypass to reach a bad certificate website. Yes, I am complaining that NOD32 doesn't "allow" me to take calculated risks. I bought protection, not a minder. The second fault is that when NOD32 says it is pausing protection (for 10 minutes, etc.) it does not pause protection against bad certificates. It still "protects" me from that website with the same alert. I now find that I can stop the protection by entering NOD32's advanced setup and disabling SSL/TSL protocol filtering. I must enable it after visiting the website. Cumbersome, but a workaround. Incidentally the website is that of M.K. Bhadrakumar, a retired diplomat and now political commentator, maybe not for kiddies. DC

NOD32 v.14.0.22.0 running under Windows 10 Pro v.1809. A certain website has an untrusted security certificate. So NOD32 throws up an Alert! "Website certificate revoked". Unfortunately the alert offers no bypass. I should be able to choose to access the website at my risk, as other antivirus softwares allow. (I happen to know that the website does nothing strange when I access it by choice using another computer without NOD32.) So I pause protection in NOD32. NOD32 loudly warns me that I'm exposed to risk, etc. But when I try to access that same website, the same NOD32 Alert! "Website certificate revoked" appears. Thus a double fault in NOD32. First, lack of a bypass when it alerts for a bad security certificate. Second, incomplete pausing of protection. Are there workarounds? DC