Jump to content

Disable OCSP in ESS.

leederek
 Share

Recommended Posts

itman

itman 1,659

Posted
Posted (edited)

Eset's SSL protocol scanning is an "all or none" setup for certificate validations as far as I am aware of.

You either exclude a specific certificate from being scanned or you disable SSL protocol scanning entirely.

Edited by itman
Link to comment
Share on other sites
leederek

leederek 0

Posted
  • Author
Posted

I've been disabled SSL protocol scanning settings. Nothing changed. ESS still connects to OCSP servers when I use the browser.

Link to comment
Share on other sites
itman

itman 1,659

Posted
Posted

I guess for starters, you need to specify the IP addresses you are referring to when you state Eset is connecting to its "OCSP servers."

According to this Eset Knowledgebase article: http://support.eset.com/kb332/ , only the following IPv4 IP addresses are used for:

SSL Certificate check

proxy-detection.eset.com

38.90.226.28
91.228.166.91
91.228.167.91

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,070

Posted
  • Administrators
Posted

Please do the following:

- enable SSL/TLS filtering
- start logging with Procmon and Wireshark
- disable SSL/TLS filtering
- make ESS connect to an OCSP server
- stop logging
- compress both logs, upload them to a safe location and pm me download links.

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...