Jump to content

Google Certificate vs Other Certificates


Connector

Recommended Posts

Hi everybody,

 

I hope that this is the correct Place for this. Out of pure curiosity, when I was checking some certificates I noticed that the certificate on google.com is not marked as verified by ESET, as is usually the case with active SSL/TLS Filtering, but instead marked as verified by GTS. Also noticed the same thing with cnn.com. When I crosschecked it with a local news website, it showed me the Certificate as Verified by: ESET SSL Filter CA

 

See the screenshots attached, they are in German but it translates to Verified By: [...]

 

Just asking out of pure curiosity, could it be that those Sites are verified by an independent Certificate Authority and are already registered as Safe within ESET's Database? 😄

 

I tried it out with Chrome, Edge, Firefox and Opera, all of them are up-to-date. I'm using ESET Endpoint Security version 7.1.2053, with active SSL/TLS Filtering in automatic mode.

ESET.PNG

GTS CA.PNG

CNN.PNG

Link to comment
Share on other sites

  • Administrators

Trusted sites are excluded from SSL filtering by default. You can have them filtered and scanned by disabling the appropriate setting:

image.png

Link to comment
Share on other sites

  • Most Valued Members
3 hours ago, Marcos said:

Trusted sites are excluded from SSL filtering by default. You can have them filtered and scanned by disabling the appropriate setting:

image.png

Is there any risk of this being used wrongly - e.g. if a trusted domain is hijacked I presume eset would still detect malware etc. Just asking as its something I was just curious about

Link to comment
Share on other sites

Played around with the SSL/TLS Options in a test environment and crosschecked with amtso, I think that ESET is gonna block the communication with a hijacked/unsafe page if the certificate is in some way compromised, since there are a lot of layers in place to make secure communication with the site in question possible. And it's still gonna stop downloads/execution of suspicious files.

Although, I think the only way to really know for sure is if such a case happens in a real-life situation 🤷‍♂️

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...