Website certificate revoked

[pcguy 1]

If one goes to https://transfert-transfer.bac-lac.gc.ca which is a Canadian Federal government website you get a website certicate revoked. Yet when you go to the same site in the same browser on a Windows10 computer that does not have Eset Anivirus there is no issue reading a page or downloading files.  If the cert is revoked would not Windows Defender also block that site?

Edited July 27, 2023 by Marcos
URL updated

[Marcos 5,074]

The SSL cert. used by the web server was indeed revoked: https://www.ssllabs.com/ssltest/analyze.html?d=transfert-transfer.bac-lac.gc.ca&latest

Revocation status

Revoked   INSECURE

[itman 1,659]

39 minutes ago, pcguy said:

Yet when you go to the same site in the same browser on a Windows10 computer that does not have Eset Anivirus there is no issue reading a page or downloading files.  If the cert is revoked would not Windows Defender also block that site?

Actually, Microsoft Defender has nothing to do with revoked certificate validations since it does not perform HTTPS scanning activities.

It is the browser responsibility to block a web site connection with a revoked certificate where a security solution is installed that does not perform HTTPS scanning.

Do you have AdGuard installed?

Edited July 26, 2023 by itman

[pcguy 1]

8 minutes ago, itman said:

Actually, Microsoft Defender has nothing to do with revoked certificate validations since it does not perform HTTPS scanning activities.

It is the browser responsibility to block a web site connection with a revoked certificate where a security solution is installed that does not perform HTTPS scanning.

Do you have AdGuard installed?

I do not have AdGuard installed. The non Eset computer is simply a Windows10 Pro installed with only MS Defender plus MS Edge and Brave Browser. MS Edge loads the page fine on the non ESET computer. On the Eset computer MS Edge throws up the Cert Revoked message.

[itman 1,659]

 

Quote

MS Edge loads the page fine on the non ESET computer.

I disabled Eset's HTTPS scanning and below shows Firefox blocks the web site connection due to a revoked cert.. If Edge is allowing the connection, something is wrong with its settings in this regard.

Edited July 26, 2023 by itman

[pcguy 1]

On the Eset machine, I use Brave Beta as my main browser. I have no issue going to https://transfert-transfer.bac-lac.gc.ca where I am presented with a login page.  Firefox gets the ESET blocked page and so does MS Edge

[pcguy 1]

If I disable ESET HTTPS scanning vai "Enable SSL/TLS protocol filtering none of the Chromium based browsers complain. MS Edge, Chrome and Brave get me to a login page. Firefox is the only browser who continue to throw up a warning page. 

[itman 1,659]

All browsers by default should be blocking access to web site with a revoked cert using their default cert. security settings.However, browser default cert. security settings can be overridden as shown in this article: https://bytebitebit.com/turn-off-security-certificate/ .

Edited July 27, 2023 by itman

[pcguy 1]

40 minutes ago, itman said:

All browsers by default should be blocking access to web site with a revoked cert using their default cert. security settings.However, browser default cert. security settings can be overridden as shown in this article: https://bytebitebit.com/turn-off-security-certificate/ .

That is what should happen however I have tried 3 computers here two do not have Eset installed and which I know for certain are using the default settings and both MS Edge and Chrome go to https://transfert-transfer.bac-lac.gc.ca/  without any issue. All of these computers are Windows 10 boxes fully up to date. A friend in the USA has the same experience with Windows 10 MS Edge they also get the login page. 

[itman 1,659]

The bottom line is Eset is not going to change its web site revoked cert. processing.