Issues after installing organization-required root CA


carmik

I'm working as the IT responsible for an organization in a large WAN. ESET endpoint security is installed and TLS filtering is enabled, mainly to scan secure HTTP/POP3 traffic. Things worked just fine until some changes in the WAN infrastructure took place. Specifically, the WAN traffic is now intercepted and scanned for malware/DLP. In order for that to be done, the IT department that centrally handles the WAN has provided a root CA to be installed on all client systems, in order for them to be able to access the internet.

We've installed that with a group policy and most of the time things just work as they did: if I try to see the certificate of a page, I'm informed that the root certificate is the ESET one.

However, now on occasion trying to access a page throws a certificate error in the browser. Doing a refresh seems to work just fine. Additionally, some sites utilizing templates/code from other sites behave in a funny way: for example, JS code does not seem to be working. Finally, we've seen a case where the same https site shows not only the ESET cert, but also a Digicom one or the cert corresponding to the central WAN.

I'm figuring here that there are two certificates trying to prevail which one is going to do MITM decryption. Are the above mentioned issues expected in a setup like ours?

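One way to pin down which interception layer signed a given connection when the issuer changes between page loads, as described in the post above. This is an added example, not part of the original thread and not ESET's or the WAN team's tooling; the host name, attempt count and delay are constructed placeholders.

```powershell
# Added example. Host name, attempt count and delay are constructed placeholders.
function Get-PresentedIssuer {
    param([Parameter(Mandatory)][string]$HostName, [int]$Port = 443)

    $client = [System.Net.Sockets.TcpClient]::new()
    try {
        $client.Connect($HostName, $Port)
        # Accept whatever is presented: the aim is to record it, not to trust it.
        # No application data is sent over this stream.
        $acceptAll = [System.Net.Security.RemoteCertificateValidationCallback]{ $true }
        $ssl = [System.Net.Security.SslStream]::new($client.GetStream(), $false, $acceptAll)
        try {
            $tls12 = [System.Security.Authentication.SslProtocols]::Tls12
            $ssl.AuthenticateAsClient($HostName, $null, $tls12, $false)
            $leaf = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($ssl.RemoteCertificate)

            # Build the chain against the local stores to see which root it ends at.
            $chain = [System.Security.Cryptography.X509Certificates.X509Chain]::new()
            $chain.ChainPolicy.RevocationMode = 'NoCheck'
            $trusted = $chain.Build($leaf)
            $top = $chain.ChainElements[$chain.ChainElements.Count - 1].Certificate

            [pscustomobject]@{
                Time    = Get-Date -Format 'HH:mm:ss'
                Issuer  = $leaf.Issuer      # CA that signed the certificate on the wire
                Root    = $top.Subject      # top of the locally built chain
                Trusted = $trusted          # $false if the chain does not validate
            }
        }
        finally { $ssl.Dispose() }
    }
    finally { $client.Dispose() }
}

# Sample the same site repeatedly and tally which CA answered each time.
$results = 1..20 | ForEach-Object {
    try   { Get-PresentedIssuer -HostName 'www.example.com' }
    catch { [pscustomobject]@{ Time = Get-Date -Format 'HH:mm:ss'; Issuer = "ERROR: $($_.Exception.Message)"; Root = $null; Trusted = $false } }
    Start-Sleep -Seconds 2
}
$results | Group-Object Issuer, Root, Trusted | Sort-Object Count -Descending | Format-Table Count, Name -AutoSize
```

The tally reflects what this PowerShell process sees on the wire; if the endpoint filter only intercepts selected applications (an assumption to confirm in its settings), the browser may be handed a different issuer than the script is.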

Addendum: reporting the issue to the organization IT HQ did not help a lot. I've been asked to insert the ESET root certificate via the MMC and not using the installer.

Two things:

1) where can I get the certificate itself to try that out?

2) I presume that the installer simply calls a cert management command to get the job done, which is not contrary to Microsoft recommendations, correct? In other words, can someone from ESET verify that the certification installation is done per MS guidelines? Even better, by which way (I'm definitely going to be asked about that).
