Jump to content

Strange Certificate error - site being blocked


Recommended Posts

  • Most Valued Members

Trying to help someone find out why his site is being blocked by Eset. He is a security researcher/blogger. His site is www.scotthelme.co.uk 

Alerts are the certificate has changed unexpectedly/website certificate revoke

Link to comment
Share on other sites

  • Most Valued Members
6 hours ago, itman said:

I can connect to the web site OK using SS 10.1.210 and IE11.

Blocks for me in IE as well but with Eset insider version

Link to comment
Share on other sites

1 hour ago, peteyt said:

Blocks for me in IE as well but with Eset insider version

Here's the Quals SSL Server test report for the site: https://www.ssllabs.com/ssltest/analyze.html?d=scotthelme.co.uk&s=107.170.218.42&hideResults=on . He received an A+ - highest rating.

Only thing I found that was he uses a Let's Encrypt certificate. Do you have the DST Root CA X3 certificate in your Window's root CA certificate store? If so, make sure it hasn't expired. IE11 uses Window's root CA certificate store.

Link to comment
Share on other sites

  • Most Valued Members
2 hours ago, itman said:

Here's the Quals SSL Server test report for the site: https://www.ssllabs.com/ssltest/analyze.html?d=scotthelme.co.uk&s=107.170.218.42&hideResults=on . He received an A+ - highest rating.

Only thing I found that was he uses a Let's Encrypt certificate. Do you have the DST Root CA X3 certificate in your Window's root CA certificate store? If so, make sure it hasn't expired. IE11 uses Window's root CA certificate store.

Not sure how to but both IE and chrome get the errors. I think it might be to do with the insider version but not 100 percent sure.

Link to comment
Share on other sites

15 minutes ago, peteyt said:

Not sure how

In IE11, select Tools -> Internet options -> Content -> Trusted Root Certificates. Then look for DST Root CA X3 certificate and validate expiration date not less than current date.

Might also like you stated an insider ver. issue.

Edited by itman
Link to comment
Share on other sites

Another possibility is there is something amiss with one of the numerous https:// links contained in his home page.

Post a screen shot of the cert. error Eset is displaying in IE11.

Note: I use tracking protection in IE11 which might be blocking the "offending" https:// trigger.

 

Link to comment
Share on other sites

On 5/25/2017 at 7:46 PM, peteyt said:

Trying to help someone find out why his site is being blocked by Eset. He is a security researcher/blogger. His site is www.scotthelme.co.uk 

Alerts are the certificate has changed unexpectedly/website certificate revoke

He should refer it to support for personal attention.

https://forum.eset.com/topic/11925-website-being-blocked/?do=findComment&comment=59988

 

Link to comment
Share on other sites

  • Most Valued Members
8 hours ago, TomFace said:

He should refer it to support for personal attention.

https://forum.eset.com/topic/11925-website-being-blocked/?do=findComment&comment=59988

 

Hi - I have already reported it the other week but heard no reply. I am thinking after after itman reported the site loads fine and me and at least one other user gets the alert on the insider version that it might be an issue with the insider version.

Link to comment
Share on other sites

  • ESET Moderators

Hello guys,

the issue has been identified as a bug on our side, will be fixed in Internet protection module, expected version 1307.

thank you once again for the report.

Regards, P.R.

Link to comment
Share on other sites

  • Most Valued Members
5 hours ago, Peter Randziak said:

Hello guys,

the issue has been identified as a bug on our side, will be fixed in Internet protection module, expected version 1307.

thank you once again for the report.

Regards, P.R.

Thanks. What caused this and do you know roughly when it will be sorted so i can let the sites admin know

Link to comment
Share on other sites

2 hours ago, peteyt said:

What caused this

Ditto here also since I never had any issues accessing the web site in IE11 using ver. 10.1.210. Considering my IP module rel. is 1303.1, appears this is a beta ver. problem.

Edited by itman
Link to comment
Share on other sites

  • ESET Moderators

Hello,

the site was blocked due to false positive HPKP violation.

As far as I known only Insider builds were affected (the use updates which are even ahead of the pre-release updates).

Fixed Internet protection module 1307 is being distributed in that channel since about 30.5.2017 10:35 CEST 

 

Thank you once again for the report, P.R.

Link to comment
Share on other sites

  • Most Valued Members
On 2017-5-31 at 7:53 AM, Peter Randziak said:

Hello,

the site was blocked due to false positive HPKP violation.

As far as I known only Insider builds were affected (the use updates which are even ahead of the pre-release updates).

Fixed Internet protection module 1307 is being distributed in that channel since about 30.5.2017 10:35 CEST 

 

Thank you once again for the report, P.R.

I have updated and appear to have Internet protection module 1307 but the site is still blocked. Cleared Chrome's cache in case that was the issue but no good.

Link to comment
Share on other sites

  • ESET Moderators

Hello,

the issue is fixed by Internet protection module version 1308, currently available for ESET Insiders only.

I can verify the fix for Chromex64, Firefox32 and Internet explorer 11.

Can you please confirm the fix on your side as well?

Regards, P.R.

Link to comment
Share on other sites

  • Most Valued Members
7 hours ago, Peter Randziak said:

Hello,

the issue is fixed by Internet protection module version 1308, currently available for ESET Insiders only.

I can verify the fix for Chromex64, Firefox32 and Internet explorer 11.

Can you please confirm the fix on your side as well?

Regards, P.R.

Just tried on Chrome and it works fine now. What was causing the issue just the guy running the site would like to know. Thanks again.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...