pcguy 1 Posted July 26, 2023 Share Posted July 26, 2023 (edited) If one goes to https://transfert-transfer.bac-lac.gc.ca which is a Canadian Federal government website you get a website certicate revoked. Yet when you go to the same site in the same browser on a Windows10 computer that does not have Eset Anivirus there is no issue reading a page or downloading files. If the cert is revoked would not Windows Defender also block that site? Edited July 27, 2023 by Marcos URL updated Link to comment Share on other sites More sharing options...
Administrators Marcos 5,306 Posted July 26, 2023 Administrators Share Posted July 26, 2023 The SSL cert. used by the web server was indeed revoked: https://www.ssllabs.com/ssltest/analyze.html?d=transfert-transfer.bac-lac.gc.ca&latest Revocation status Revoked INSECURE Link to comment Share on other sites More sharing options...
itman 1,760 Posted July 26, 2023 Share Posted July 26, 2023 (edited) 39 minutes ago, pcguy said: Yet when you go to the same site in the same browser on a Windows10 computer that does not have Eset Anivirus there is no issue reading a page or downloading files. If the cert is revoked would not Windows Defender also block that site? Actually, Microsoft Defender has nothing to do with revoked certificate validations since it does not perform HTTPS scanning activities. It is the browser responsibility to block a web site connection with a revoked certificate where a security solution is installed that does not perform HTTPS scanning. Do you have AdGuard installed? Edited July 26, 2023 by itman Link to comment Share on other sites More sharing options...
pcguy 1 Posted July 26, 2023 Author Share Posted July 26, 2023 8 minutes ago, itman said: Actually, Microsoft Defender has nothing to do with revoked certificate validations since it does not perform HTTPS scanning activities. It is the browser responsibility to block a web site connection with a revoked certificate where a security solution is installed that does not perform HTTPS scanning. Do you have AdGuard installed? I do not have AdGuard installed. The non Eset computer is simply a Windows10 Pro installed with only MS Defender plus MS Edge and Brave Browser. MS Edge loads the page fine on the non ESET computer. On the Eset computer MS Edge throws up the Cert Revoked message. Link to comment Share on other sites More sharing options...
itman 1,760 Posted July 26, 2023 Share Posted July 26, 2023 (edited) Quote MS Edge loads the page fine on the non ESET computer. I disabled Eset's HTTPS scanning and below shows Firefox blocks the web site connection due to a revoked cert.. If Edge is allowing the connection, something is wrong with its settings in this regard. Edited July 26, 2023 by itman Link to comment Share on other sites More sharing options...
pcguy 1 Posted July 26, 2023 Author Share Posted July 26, 2023 On the Eset machine, I use Brave Beta as my main browser. I have no issue going to https://transfert-transfer.bac-lac.gc.ca where I am presented with a login page. Firefox gets the ESET blocked page and so does MS Edge Link to comment Share on other sites More sharing options...
pcguy 1 Posted July 27, 2023 Author Share Posted July 27, 2023 If I disable ESET HTTPS scanning vai "Enable SSL/TLS protocol filtering none of the Chromium based browsers complain. MS Edge, Chrome and Brave get me to a login page. Firefox is the only browser who continue to throw up a warning page. Link to comment Share on other sites More sharing options...
itman 1,760 Posted July 27, 2023 Share Posted July 27, 2023 (edited) All browsers by default should be blocking access to web site with a revoked cert using their default cert. security settings.However, browser default cert. security settings can be overridden as shown in this article: https://bytebitebit.com/turn-off-security-certificate/ . Edited July 27, 2023 by itman Link to comment Share on other sites More sharing options...
pcguy 1 Posted July 27, 2023 Author Share Posted July 27, 2023 40 minutes ago, itman said: All browsers by default should be blocking access to web site with a revoked cert using their default cert. security settings.However, browser default cert. security settings can be overridden as shown in this article: https://bytebitebit.com/turn-off-security-certificate/ . That is what should happen however I have tried 3 computers here two do not have Eset installed and which I know for certain are using the default settings and both MS Edge and Chrome go to https://transfert-transfer.bac-lac.gc.ca/ without any issue. All of these computers are Windows 10 boxes fully up to date. A friend in the USA has the same experience with Windows 10 MS Edge they also get the login page. Link to comment Share on other sites More sharing options...
itman 1,760 Posted July 27, 2023 Share Posted July 27, 2023 The bottom line is Eset is not going to change its web site revoked cert. processing. Link to comment Share on other sites More sharing options...
Recommended Posts