Website certificate revoked Exception

[slewmark 0]

Hello,

I have a user who is trying to reach the following website:

Olympus Connect: https://www.olympusconnect.com/

I can see that the website certificate has been revoked, but this is a trusted website for our company. We don't own or manage the domain, but it hosts information for several of our products. I have perused several other ESET forums and cannot find a way to make an exception for our endpoints.

I have changed policy for SSL filtering, and URL address management and nothing I can do seems to get it work.

Can anyone please advise?

[Marcos 5,074]

The SSL certificate used by the website was revoked:

https://www.ssllabs.com/ssltest/analyze.html?d=www.olympusconnect.com

Revocation status

Revoked   INSECURE

Only an owner of the website can obtain a new valid certificate and install it.

Even the browser itself does not allow you to create an exception in such case when ESET is not installed:

[slewmark 0]

Hello,

Thank you for the reply. So from what I've gathered, as long as ESET Endpoint Security is running is there no way to access the website? I am able to access it on a device without ESET installed, since I was able to proceed past the warning on the unsecured device. But is there any policy that can ignore the revoked certificate on a single endpoint?

I understand the risk involved, but I would like to understand how to do so if there is a way.

[Marcos 5,074]

Correct, you cannot make an exception in that case. However, even with ESET not installed most of browsers if not all will not allow you to create an exception either.

[slewmark 0]

Ok, thank you very much for the clarification!