DaveB-Opt 0 Posted March 10, 2021 Share Posted March 10, 2021 I'm getting an SSL error for all machines with ESET installed (see below error). Windows 10 - Chrome/FireFox/Edge. We've tested from multiple internet connections. However the page loads ok on a Windows 10 machine without ESET installed. I suspect there is an issue with the cert, but as SSL/TLS filtering is disabled for our endpoints, which component (if any) of ESET is causing the error? I've tried disabling all web & network protection to test but I'm still unable to bypass this error. Any thoughts? Your connection is not private Attackers might be trying to steal your information from consult.zanducare.com (for example, passwords, messages or credit cards). Learn more NET::ERR_CERT_REVOKED Link to comment Share on other sites More sharing options...
Administrators Marcos 5,294 Posted March 10, 2021 Administrators Share Posted March 10, 2021 The certificate used on the website was revoked. You can only inform the owner or admin of the website about the issue. They will need to get and install a valid certificate. https://www.ssllabs.com/ssltest/analyze.html?d=consult.zanducare.com&latest Revocation status Revoked INSECURE We strongly recommend enabling SSL filtering in your ESET product, otherwise malicious or scam https sites won't be blocked and malware downloaded via https may not be detected. Link to comment Share on other sites More sharing options...
itman 1,758 Posted March 10, 2021 Share Posted March 10, 2021 (edited) 31 minutes ago, DaveB-Opt said: Your connection is not private Attackers might be trying to steal your information from consult.zanducare.com (for example, passwords, messages or credit cards). Learn more NET::ERR_CERT_REVOKED This is being generated by the browser you are using. With Eset SSL/TLS protocol scanning disabled, the browser is now performing all web site certificate checking. Edited March 10, 2021 by itman Link to comment Share on other sites More sharing options...
DaveB-Opt 0 Posted March 10, 2021 Author Share Posted March 10, 2021 11 minutes ago, Marcos said: The certificate used on the website was revoked. You can only inform the owner or admin of the website about the issue. They will need to get and install a valid certificate. https://www.ssllabs.com/ssltest/analyze.html?d=consult.zanducare.com&latest Revocation status Revoked INSECURE We strongly recommend enabling SSL filtering in your ESET product, otherwise malicious or scam https sites won't be blocked and malware downloaded via https may not be detected. Thanks Marcos. I thought that was the case. I'm just confused at why I cannot replicate in Chrome on a machine without ESET Link to comment Share on other sites More sharing options...
itman 1,758 Posted March 10, 2021 Share Posted March 10, 2021 1 minute ago, DaveB-Opt said: I'm just confused at why I cannot replicate in Chrome on a machine without ESET Chrome uses an internal CRC blacklist for revoked certificates. It probably hasn't been updated yet. Also check your Chrome settings. I believe there is an option to also use OCSP responder servers. Link to comment Share on other sites More sharing options...
DaveB-Opt 0 Posted March 10, 2021 Author Share Posted March 10, 2021 3 minutes ago, itman said: Chrome uses an internal CRC blacklist for revoked certificates. It probably hasn't been updated yet. Also check your Chrome settings. I believe there is an option to also use OCSP responder servers. Ok that makes sense. Thanks for the help! Link to comment Share on other sites More sharing options...
Recommended Posts