Jump to content

Untrusted Certificate (ssp.meba.kr)


tmuster2k
 Share

Recommended Posts

Customer of our is getting "Untrusted Certificate" for ssp.meba.kr. I looked up on digicert and output was found below. 

if you go to that server it reports back "IT WORKS". IS this possibly coming from an ADD-ON in Internet Explorer? 

This just started happening today. 

TLS Certificate has not been revoked

OCSP Staple: Not Enabled
OCSP Origin: Good
CRL Status: Good

TLS Certificate expiration

The certificate expires September 19, 2021 (417 days from today)

Untrust_CERT.JPG

Link to comment
Share on other sites

Also no problem using IE11 per below screen shot. Suspect what the Eset alert is stating is possible MITM activity is going on.

Eset_IE11.thumb.png.74430f881c20594aec2d8f9dc3edc9e6.png

Link to comment
Share on other sites

1 minute ago, itman said:

Also no problem using IE11 per below screen shot. Suspect what the Eset alert is stating is possible MITM activity is going on.

Eset_IE11.thumb.png.74430f881c20594aec2d8f9dc3edc9e6.png

The ESET alert is coming up on any web site that is visited by end users not just this one which is not even a web site. Seems to be some kind of test of PROXY server maybe. When I am testing the ESET Proxy when troubleshooting one of the tests is for example >> hxxp://esmcserver:3128/index.html  and it comes up with "IT WORKS' when PROXY is enabled and working. 

Link to comment
Share on other sites

What is the untrusted cert. Eset is showing in the alert?

What I am wondering is if Eset root CA certificate used for SSl/TLS protocol scanning has somehow expired on these endpoints.

Edited by itman
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...