labynko 5 Posted Saturday at 03:01 PM Share Posted Saturday at 03:01 PM Hello. If the application has Unicode characters in the digital signature publisher name, the firewall rules that are configured to check the digital signature will not work correctly: notifications about the rule triggering do not work and connections to public addresses are blocked. As an example, we can use the WinBox program from MikroTik. https://download.mikrotik.com/routeros/winbox/3.41/winbox64.exe Digital signature publisher name for WinBox64.exe: SIA "Mikrotīkls" Example of a working rule: An example of a rule that does not work correctly: The issue is reproduced in the current version of ESET Endpoint Security 11.1.2052.0. Quote Link to comment Share on other sites More sharing options...
itman 1,758 Posted Saturday at 04:12 PM Share Posted Saturday at 04:12 PM Did you try; 1. For Application signature option use Signed by a signer. 2. For Name of signer use SIA "Mikrotīkls". Quote Link to comment Share on other sites More sharing options...
labynko 5 Posted Saturday at 05:49 PM Author Share Posted Saturday at 05:49 PM Yes, I tried. There is also a problem. Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,294 Posted 21 hours ago Administrators Share Posted 21 hours ago We confirmed the bug but it's not caused by a unicode string. It will be addressed via a firewall module update automatically. M_EPFW-393 Quote Link to comment Share on other sites More sharing options...
labynko 5 Posted 15 hours ago Author Share Posted 15 hours ago Please let me know under what conditions does it occur? When is the problem expected to be fixed? Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,294 Posted 15 hours ago Administrators Share Posted 15 hours ago It's nested quotes in CN which causes the cert. to be considered invalid. A fix will be included probably included in the firewall module 1452. We're currently in the process of releasing module 1451. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.