SSL Browsing Problem

Discussion in 'ESET NOD32 Antivirus' started by SuperFlyBoy, Mar 11, 2011.

Thread Status:
Not open for further replies.
  1. SuperFlyBoy

    SuperFlyBoy Registered Member

    Joined:
    Jul 27, 2010
    Posts:
    41
    I have now switched to a Win7 64-bit machine and have NOD32 Biz AV for 64 bit installed on it.

    However, with Firefox 3.6.15, I am trying to log onto the Lufthansa site, www.milesandmore.com, where I have to log on with a username and password.

    I get this, after putting in the login information:

    Secure Connection Failed

    An error occurred during a connection to www.miles-and-more.com.

    You have received an invalid certificate. Please contact the server administrator or email correspondent and give them the following information:

    Your certificate contains the same serial number as another certificate issued by the certificate authority. Please get a new certificate containing a unique serial number.

    (Error code: sec_error_reused_issuer_and_serial)

    * The page you are trying to view can not be shown because the authenticity of the received data could not be verified.

    * Please contact the web site owners to inform them of this problem. Alternatively, use the command found in the help menu to report this broken site.

    What is the problem here?

    It is obviously a SSL issue, where I have currently set NOD32 to:

    "Ask about non-visited sites (exclusions can be set)"

    And have the checkbox selected for:

    "Block encrypted communication utilizing the obsolete protocol SSS v2"

    Internet Explorer just simply doesn't show anything, blanks out.
     
  2. SuperFlyBoy

    SuperFlyBoy Registered Member

    Joined:
    Jul 27, 2010
    Posts:
    41
    The only solution that works is:

    "Do not scan SSL protocol"

    Which defeats the purpose of having this AV in the first place, isn't it?

    I have tried all variations of the SSL scan settings, but it just doesn't work.

    What if we are receiving e-mail over SSL? I assume that our mails will not be scanned and viruses will then get through, correcto_O
     
    Last edited: Mar 12, 2011
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    It is a known problem with the 64-bit installer of Firefox that is being currently investigated. The 32-bit version of Firefox should work fine with SSL scanning enabled.
     
  4. SuperFlyBoy

    SuperFlyBoy Registered Member

    Joined:
    Jul 27, 2010
    Posts:
    41
    Actually, I'm using the 32-bit version of FF on this Win7 64-bit OS.

    Also, the same thing occurs with IE.
     
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Do the following:
    - with IE closed, disable SSL scanning and click OK
    - enable SSL scanning
    - run IE
    - download eicar via https

    Let us know if eicar was detected.
     
  6. SuperFlyBoy

    SuperFlyBoy Registered Member

    Joined:
    Jul 27, 2010
    Posts:
    41
    Detected. Quarantined.

    Now what else?

    How to solve the site problems?

    This also occurs with T-mobile.com's logged in customer account pages.
     
  7. vtol

    vtol Registered Member

    Joined:
    Apr 8, 2010
    Posts:
    774
    Location:
    just around the next corner
    make sure that java script is not blocked and that the browser accepts cookies for those sites. see if the site is utilizing the obsolete protocol SSS v2 by removing the check-mark in NOD. If positive you may consider to contact the admin of the site and request an update to a more secure protocol. Or exclude those troublesome sites from NOD scanning in the html management settings.

    It seems that something is wrong with certificates provided by the website vendor, perhaps they cross-script the login and and missed a proper certificate for some content. you may contact their admin in such case as well.
     
  8. Coccinelle

    Coccinelle Registered Member

    Joined:
    Jan 17, 2011
    Posts:
    211
    Location:
    France
    Go to Firefox/Options and click to choose automatically SSL
     
Thread Status:
Not open for further replies.