Confused about SSL checking

Discussion in 'ESET NOD32 Antivirus' started by JeremyWW, Aug 31, 2009.

Thread Status:
Not open for further replies.
  1. JeremyWW

    JeremyWW Registered Member

    Joined:
    Apr 13, 2005
    Posts:
    237
    I have SSL protocol / https checking enabled. (Did that while testing the eicar test site). Since then I am unable to check for updates in Firefox 3.5.2. To be honest I'm not sure how to use SSL checking and whether I even need to have it on. So any / all advice and guidance would be welcome.

    I only mention the following as it adds to my confusion on this subject: How come a certain AV tool starting with the letter 'K' will detect the eicar https test files but not cause problems elsewhere? What is different about NOD32 https checking? - I was hoping NOD32 would achieve the same result.

    Thanks - trialling NOD32 AV Version 4.
     
  2. NoCelery

    NoCelery Registered Member

    Joined:
    Jul 16, 2007
    Posts:
    21
    The problem is that you need the Root certificate to be installed in Firefox's Trusted Root Certification Authorities (ESET_RootSslCert). It gets installed in Windows' Trusted Root Certification Authorities which means IE can use it but the GUI/config tools fail to do so for Firefox. This means that all certificates in Firefox will be treated as invalid when using the Nod32 SSL scanner in Firefox . . . .which means that any automatic updates going to any urls starting with https will fail . . .

    There are some posts that will say you can export the certificate from the windows certificate store and import it into Firefox but I think this is not true as there is no way to export the certificate with the private key in tact.

    I have had to disabled https scanning for this reason as I use Firefox as my primary browser . . . I will be watching this post to see if anyone offers a solution but am not hopeful
     
  3. JeremyWW

    JeremyWW Registered Member

    Joined:
    Apr 13, 2005
    Posts:
    237
    Thanks. Also very disappointing...
     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    No problems here with Firefox 3.0.11. What version of FF do you use?

    2. 9. 2009 0:47:37 HTTP filter file https://secure.eicar.org/eicar.com Eicar test file connection terminated - quarantined Threat was detected upon access to web by the application: C:\Program Files\Mozilla Firefox\firefox.exe.
     

    Attached Files:

  5. JeremyWW

    JeremyWW Registered Member

    Joined:
    Apr 13, 2005
    Posts:
    237
    Marcos,

    Two issues:

    1) You're way out of date with FF. Current is 3.5.2
    2) I can catch the secure test files, but as a consequence of enabling SSL checking in NOD32, the FF update and add-in checks fail.
     
  6. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    No difference with v. 3.5.2 except that one of my plugins doesn't support it :) When checking for plugin updates, I'm getting "No updates found" as they are current. Do you get any kind of error?
     
  7. JeremyWW

    JeremyWW Registered Member

    Joined:
    Apr 13, 2005
    Posts:
    237
    I don't have NOD32 installed atm, so this is from memory:

    With SSL checking enabled I get:

    1) Add-In check - 'Error while checking for update...' (or similar words) for each add-in.
    2) 'Malformed XML file...' (or similar words) for the FF update check.

    Both these errors go away and update checks work as expected if SSL checking is disabled.

    BTW, I'm running Windows 7 RC Build 7100 (updated). Is there a Beta out there somewhere for a new version? I understood from the UK distributor that there is...
     
Thread Status:
Not open for further replies.