wpsullivan 0 Posted November 30, 2019 Share Posted November 30, 2019 I just purchased ESET Internet Security to go with a new system. Everything was fine before I actually installed ESET. I was able to use Firefox and reach websites and they displayed correctly. After installing ESET, the majority of websites were unreachable. Most were blocked by Firefox as insecure, and the few that weren't completely blocked were broken; their CSS wasn't loading at all. The issue seems to be that ESET somehow takes over the security certificate function. Every single website that was completely blocked was shown as having a certificate issued by ESET SSL FILTER CA, which Firefox said was not a recognized certificate vendor. If I turn off Application Protocol Content Filtering, then most sites seem to work. But turning off that filter removes much of the reason why you would use ESET as an antimalware/security solution in the first place. I've attached images of the messages that Firefox is giving, both the initial block, and the certificate it's seeing on every single site that gets blocked. I'm using pcworld.com as the example, although it happens many many many places. "Mozilla message.jpg" shows the initial block message. On sites where the "accept the risk and continue" message appears, if you pick that option, the site that appears is invariably broken, and its CSS doesn't load at all. On sites with HSTS implemented, the "accept the risk and continue" message doesn't even appear. "Certificate 1 pcworld BROKEN.jpg" shows the certificate that Firefox is seeing for, quite literally, each and every blocked and broken site. "Certificate 2 pcworld working.jpg" shows the certificate that Firefox sees when I turn off application content protocol filtering. It's very different. Is there any way to fix this other than simply disabling the protocol content filtering? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,271 Posted November 30, 2019 Administrators Share Posted November 30, 2019 Please try the following: - disable SSL filtering - reboot Windows - without starting any application, re-enable SSL filtering and check if the issue is gone. Link to comment Share on other sites More sharing options...
wpsullivan 0 Posted November 30, 2019 Author Share Posted November 30, 2019 I was actually just coming to see if I could edit this post. Right after I did wrote this, I stumbled across a very recent ESET support page that dealt with this: https://support.eset.com/en/disable-ssl-filtering-in-eset-windows-products The disable/re-enable SSL filtering part of the post worked for my setup. That said ... there do seem to have been a number of users with this issue this year. ESET should have their certificate added to Mozilla's certificate store so that Firefox could recognize it. That would make life simpler for everyone. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,271 Posted November 30, 2019 Administrators Share Posted November 30, 2019 We add the root certificate both to Mozilla's and system trusted root CA certificate stores and also configure Firefox to use the system TRCA cert. store in case adding to Mozilla's store failed. Link to comment Share on other sites More sharing options...
Recommended Posts