Jump to content

SSL/TLS filtering doesn't work for many sites


Recommended Posts

I noticed, that the SSL/TLS-MITM doesn't work for many sites (like Eset, Google, Paypal, Ebay, Amazon, Youtube). The certificates are not shown as "Eset, spol. sr. o.". On Facebook and Twitter the filter is working. I have tested it with Firefox 67.0.4 and Internet Explorer 11 on Windows 7 x64 and also with the filter settings automatic and scan.

Edited by 100
Link to comment
Share on other sites

  • Administrators

If you want to filter the communication on trusted websites, e.g. facebook.com, disable the setting "Exclude communication with trusted domains" in the SSL/TLS filtering setup.

Link to comment
Share on other sites

Hm, a domain on the internal list of trusted domains cannot be filtered by an entry in the list of known certificates? I have tested it and it seams to be that the internal list of trusted domains have always priority.

Link to comment
Share on other sites

1 hour ago, 100 said:

Hm, a domain on the internal list of trusted domains cannot be filtered by an entry in the list of known certificates?

Did you set the scan type to "Ignore?"

Eset_Ignore.png.0b403c151de1401b60d84dd8e7487032.png

Link to comment
Share on other sites

24 minutes ago, itman said:

Did you set the scan type to "Ignore?"

No, to "scan".

Example: Amazon.com is on the internal list of trusted domains and therfore it is not scanned by the SSL/TLS MITM. The displayed certificate is from Verisign. If I add this certificate to the list of known certificates and set it to "scan" (the same with "auto"), the displayed certificate should be Eset, but it is still Verisign (even after restarting the browser).

Edited by 100
Link to comment
Share on other sites

15 minutes ago, 100 said:

No, to "scan".

Example: Amazon.com is on the internal list of trusted domains and therfore it is not scanned by the SSL/TLS MITM. The displayed certificate is from Verisign. If I add this certificate to the list of known certificates and set it to "scan" (the same with "auto"), the displayed certificate should be Eset, but it is still Verisign (even after restarting the browser).

As far as I am aware of, you can't use certificate exclusions this way. They are use primarily to exclude a web site from being scanned.

So your statement is correct; Eset's build-in scanning exclusion list overrides everything.

Link to comment
Share on other sites

I was just playing with it. :) It's no problem to trust the internal list.  I think it will be updated automatically if one of the pages suddenly contains malicious code. For trusted domains with payment functionality it is better not to break the encryption. This is probably the intention of the internal trused list.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...