Jump to content

Recommended Posts

You can also set Firefox to use the system trusted root CA certificate store by setting security.enterprise_roots.enabled to true in about:config.

Share this post


Link to post
Share on other sites
Posted (edited)
22 minutes ago, Marcos said:

You can also set Firefox to use the system trusted root CA certificate store by setting security.enterprise_roots.enabled to true in about:config.

On this regard, Mozilla will be doing so automatically starting with FireFox 68 as noted in this article: https://www.zdnet.com/article/firefox-finally-fixes-the-problems-with-antivirus-apps-crashing-https-websites/ .

Of note to Eset is the following article excerpt:

Quote

"Beginning with Firefox 68, whenever a MITM error is detected, Firefox will automatically turn on the 'enterprise roots' preference and retry the connection," Thayer said.

"If it fixes the problem, then the "enterprise roots" preference will remain enabled (unless the user manually sets the 'security.enterprise_roots.enabled' preference to false)."

"We are also recommending as a best practice that antivirus vendors enable this preference (by modifying prefs.js) instead of adding their root CA to the Firefox root store. We believe that these actions combined will greatly reduce the issues encountered by Firefox users," Thayer added.

 

Edited by itman

Share this post


Link to post
Share on other sites
7 hours ago, itman said:

At this point, I would assume the Eset root certificate is not installed in FireFox. You can verify this by opening FireFox's Options and selecting the following:

Privacy & Security -> Certificates -> View Certificates.

At this point, FireFox's Certificate Manager should be displayed. The Authorities tab should have opened by default; if not, select that tab. Scroll down to where certificate names beginning with "E" are located and search for certificate beginning with "Eset."  

You are 100% correct I dont have the cert in there.

 

How can i put it in there?

Share this post


Link to post
Share on other sites
Posted (edited)
40 minutes ago, BeanSlappers said:

How can i put it in there?

Follow the procedures listed in this Eset knowledgebase article: https://support.eset.com/kb3126/ .

If that doesn't work, you have three other options:

1. Do what @Marcos suggested previously. Using the FireFox about:config option, set the following parameter, security.enterprise_roots.enabled, to true. This can be done by simply toggling on the parameter. This will force FireFox to use the Windows root CA certificate store for Firefox root certificate verification.

2. Use Windows certmgr.msc tool to export the Eset root certificate from the Windows root CA certificate store. You can then import the created .cer file into FireFox's Authorities certificate store.

3. Uninstall and reinstall Eset.

Edited by itman

Share this post


Link to post
Share on other sites
Posted (edited)
9 hours ago, itman said:

At this point, I would assume the Eset root certificate is not installed in FireFox. You can verify this by opening FireFox's Options and selecting the following:

Privacy & Security -> Certificates -> View Certificates.

At this point, FireFox's Certificate Manager should be displayed. The Authorities tab should have opened by default; if not, select that tab. Scroll down to where certificate names beginning with "E" are located and search for certificate beginning with "Eset."  

Done all and nothing still the same, including reinstalling firefox.  I do have firefox 67.0.4, including above suggestions.

Edited by BeanSlappers

Share this post


Link to post
Share on other sites
Posted (edited)
1 hour ago, BeanSlappers said:

Done all and nothing still the same, including reinstalling firefox.  I do have firefox 67.0.4, including above suggestions.

When did you reinstall FireFox? If you did so after all the solutions I posted previously, it would have negated all those changes.

Another thing you can try is to uninstall your existing version of FireFox. Your Firefox existing profile will be retained. Then download Firefox's full offline installer from here: https://www.mozilla.org/en-US/firefox/all/ and run it. Note: you can language to English - British prior to downloading if you prefer that.

I did this recently and Eset's root certificate was imported into the new Firefox install w/o issue.

Edited by itman

Share this post


Link to post
Share on other sites

All today, when I do the uninstall I user revo uninstaller  So it cleans out the reg as well as files on the computer then I reboot.

Share this post


Link to post
Share on other sites
On 7/2/2019 at 6:05 PM, Marcos said:

Please provide logs collected with ESET Log Collector so that I can check your configuration.

Here is what you asked for.

eis_logs.zip

Share this post


Link to post
Share on other sites

For some reason you don't have msedge.exe in the list of SSL-filtered applications. It should have been added as soon as SSL communication of the process was detected:

image.png

Try adding it manually in the list:

image.png

Share this post


Link to post
Share on other sites
2 hours ago, Marcos said:

For some reason you don't have msedge.exe in the list of SSL-filtered applications. I

@BeanSlappers SSL/TLS protocol scanning issues are with FireFox; not with Edge.

Did you mean that FireFox is not in the list of SSL-filtered applications?

Share this post


Link to post
Share on other sites

Yeah I am pretty sure that I said that I was using firefox a lot of times.  I hate edge so I wont ever use it.

 

Share this post


Link to post
Share on other sites
On 7/6/2019 at 8:44 PM, BeanSlappers said:

Yeah I am pretty sure that I said that I was using firefox a lot of times.  I hate edge so I wont ever use it.

 

Did you verify that firefox.exe is in the list of SSL filtered applications?

Share this post


Link to post
Share on other sites
6 minutes ago, BeanSlappers said:

It is indeed.

Try changing it's scanning option from Auto to Scan.

Share this post


Link to post
Share on other sites
On 7/8/2019 at 4:39 PM, BeanSlappers said:

It is indeed.

FireFox just released ver. 68. This is the ver. that will use the Win root CA store if Eset's certificate is not added to FireFox's Authorities certificate store for some reason. If FireFox hasn't auto updated to ver. 68, do so manually.

Now perform the AMTSO tests and see if Eset if still not detecting those.

Share this post


Link to post
Share on other sites
On 7/9/2019 at 8:46 AM, Sammo said:

Try changing it's scanning option from Auto to Scan.

Already done that.

Share this post


Link to post
Share on other sites
23 hours ago, itman said:

FireFox just released ver. 68. This is the ver. that will use the Win root CA store if Eset's certificate is not added to FireFox's Authorities certificate store for some reason. If FireFox hasn't auto updated to ver. 68, do so manually.

Now perform the AMTSO tests and see if Eset if still not detecting those.

Makes no difference even with the update.

Share this post


Link to post
Share on other sites
Posted (edited)
35 minutes ago, BeanSlappers said:

Makes no difference even with the update.

Did you try @Sammo suggestion of setting firefox.exe in Eset's SSL/TLS filtered applications to "Scan" versus the default setting of "Auto?" While in that section, make sure that there are not multiple firefox.exe applications listed. You should have only one entry for Firefox and its path specification is C:\Program Files\Mozilla Firefox\firefox.exe assuming your using Win 10 x(64).

Next in the Web Access protection section, open the Web Protocols section and verify that only port 443 is shown in the HTTPS Scanner Setup section.

Edited by itman

Share this post


Link to post
Share on other sites
50 minutes ago, itman said:

Did you try @Sammo suggestion of setting firefox.exe in Eset's SSL/TLS filtered applications to "Scan" versus the default setting of "Auto?" While in that section, make sure that there are not multiple firefox.exe applications listed. You should have only one entry for Firefox and its path specification is C:\Program Files\Mozilla Firefox\firefox.exe assuming your using Win 10 x(64).

Next in the Web Access protection section, open the Web Protocols section and verify that only port 443 is shown in the HTTPS Scanner Setup section.

1)  Um yes I did, if you read, then you would know this.

2)  Already done that too.

Share this post


Link to post
Share on other sites

Have you already tried this?

- uninstall ESET
- reboot the machine
- install the latest version from scratch with default settings
- reboot the machine
- launch Firefox and try to reproduce the issue.

If it doesn't make any difference, also try switching to pre-release updates to get the very latest modules.

Share this post


Link to post
Share on other sites
9 minutes ago, Marcos said:

Have you already tried this?

- uninstall ESET
- reboot the machine
- install the latest version from scratch with default settings
- reboot the machine
- launch Firefox and try to reproduce the issue.

If it doesn't make any difference, also try switching to pre-release updates to get the very latest modules.

Already told you guys I did that when i told you guys that I reinstalled firefox.  Also pre-releases are the beta's aint they?

Share this post


Link to post
Share on other sites
10 minutes ago, BeanSlappers said:

Also pre-releases are the beta's aint they?

They aren't. There are fully tested modules that are typically released to all users after a few days or weeks without any change. Of course, we don't recommend enabling the pre-release update channel on production machines, however, on non-production systems it'd be good if at least technically savvy users enabled it. Should a problem occur, it's possible to switch back to the release update channel which won't help if a module has been already released for the general public. Before putting modules on pre-release servers we use them to update a lot of production machines in HQ so we are pretty confident about the quality.

Share this post


Link to post
Share on other sites
Posted (edited)

Ummmmm  i am not too keen on that.  I think that I will wait till you guys are able to figure it out, I might be paying for the software in 2 weeks,  because everything else is working.  Maybe a it doesn't work when parental control is on, but if that is the case, then that is the software need changing.  But in saying that I have tried it with both on and off and still same thing.

Edited by BeanSlappers
Wrong place for my answer lol.

Share this post


Link to post
Share on other sites
Posted (edited)
5 hours ago, BeanSlappers said:

Maybe a it doesn't work when parental control is on, but if that is the case, then that is the software need changing.  But in saying that I have tried it with both on and off and still same thing.

The only other thing I can think of at this point is some type of man-in-the-middle is occurring. When this happens, HTTPS traffic is intercepted en-route and decrypted using the attacker's root certificate. In most cases but not always, this breaks "the chain of trust" in the browser resulting in a warning from the browser this activity has taken place.

One possibility is the MITM activity is occurring externally with the Eset root certificate being replaced with the site's original chained root certificate.   Go to this web site which will validate SSL/TLS communication:

https://badssl.com/dashboard/

In FireFox Quantum 68 and EIS 12.1.34, the only tests shown in light red indicating a minor concern are SHA-1 Intermediate and dh1024 Crypto cypher issues. The test area to be noted is the Interception Certificates area.

Edited by itman

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...