Jump to content

Recommended Posts

Posted

Customer of our is getting "Untrusted Certificate" for ssp.meba.kr. I looked up on digicert and output was found below. 

if you go to that server it reports back "IT WORKS". IS this possibly coming from an ADD-ON in Internet Explorer? 

This just started happening today. 

TLS Certificate has not been revoked

OCSP Staple: Not Enabled
OCSP Origin: Good
CRL Status: Good

TLS Certificate expiration

The certificate expires September 19, 2021 (417 days from today)

Untrust_CERT.JPG

Posted

No problem with cert. or Eset using FireFox. But below is what is displayed from the web site?

Eset_Cert.thumb.png.51d770731c1a4372618e33a64c991c8c.png

Posted

Also no problem using IE11 per below screen shot. Suspect what the Eset alert is stating is possible MITM activity is going on.

Eset_IE11.thumb.png.74430f881c20594aec2d8f9dc3edc9e6.png

Posted
1 minute ago, itman said:

Also no problem using IE11 per below screen shot. Suspect what the Eset alert is stating is possible MITM activity is going on.

Eset_IE11.thumb.png.74430f881c20594aec2d8f9dc3edc9e6.png

The ESET alert is coming up on any web site that is visited by end users not just this one which is not even a web site. Seems to be some kind of test of PROXY server maybe. When I am testing the ESET Proxy when troubleshooting one of the tests is for example >> hxxp://esmcserver:3128/index.html  and it comes up with "IT WORKS' when PROXY is enabled and working. 

Posted (edited)

What is the untrusted cert. Eset is showing in the alert?

What I am wondering is if Eset root CA certificate used for SSl/TLS protocol scanning has somehow expired on these endpoints.

Edited by itman
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...