Jump to content

Website Certificate Revoked

offbyone

By offbyone
in ESET Endpoint Products

 Share
Go to solution Solved by GrantG,

Recommended Posts

offbyone

offbyone 10

Posted
Posted

Hi.

One of our customers is getting a lot of "Certificate Revoked" errors from ESET Antivirus since 1.10.2021. Accessing these sites not via ESET does not show any problem. What seems to be common to all these sites is that they are using Let's Encrypt and OCSP Stapling.

Here is one example: https://app.softgarden.io

Any ideas how to track down the problem.

THX a lot.

Link to comment
Share on other sites
  • Solution
GrantG

GrantG 2

Posted
  • Solution
Posted

This will be due to the Let's Encrypt "DST Root CA X3 DST" certificate authority expiring on the 30th September.  We have the same issue with 1 of our customers who use ESET Endpoint Security.  None of our other customers have issues.  Even though our certificate is valid ESET gives the same error and prevents access because one of the 2 paths has now expired.  Seems to be that ESET doesn't check the new/current cert authority "ISRG Root X1" for the multi-path Let's Encrypt certs, or something like that.

I am going to renew our certificates early to remove reference to the old cert authority to see if that fixes the issue.

Link to comment
Share on other sites
offbyone

offbyone 10

Posted
  • Author
Posted

To track down the problem, is there an easy method to disable HTTPS inspection on the ESET client. I tried to pause Web-Protection on the client for 10 minutes however I see that the website is still signed by the ESET proxy cert.

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,070

Posted
  • Administrators
Posted
Just now, offbyone said:

To track down the problem, is there an easy method to disable HTTPS inspection on the ESET client. I tried to pause Web-Protection on the client for 10 minutes however I see that the website is still signed by the ESET proxy cert.

Did you restart the browser? Tried clearing cache?

Link to comment
Share on other sites
GrantG

GrantG 2

Posted
Posted

I've manually renewed the Let's Encrypt certificates in question now and the optional expired path in the chain has now gone.  This should resolve the client issue with ESET for us although I do question if it should have been necessary as the certificates were still valid.  Anyway, I hope this helps.

Link to comment
Share on other sites
offbyone

offbyone 10

Posted
  • Author
Posted
33 minutes ago, GrantG said:

Anyway, I hope this helps.

Indeed it did.

This was the missing hint to get to the root of the problem.

THX again.

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...