Ecommerce software home
Shopping Cart Software Forum for Ecommerce Templates
 
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
Password:
Save Password
Forgot your Password?

Find us on Facebook Follow us on Twitter View our YouTube channel
Search our site
 All Forums
 General
 Off topic, News and Updates
 All SSL certs show same issuer in every browser
Author « Topic »  

V45
Advanced Member

United Kingdom
416 Posts

Pre-sales questions only
(More Details...)

Posted - 05/28/2018 :  13:42:37  
This is a very annoying 'problem' and if anyone can throw some light on it I would most appreciate any assistance.

In Chrome & Firefox, my main two browsers, as well as Edge & Opera, when viewing a websites SSL info at the beginning of the address bar, EVERY SINGLE website states Issued by: Kaspersky Anti-Virus Personal Root Certificate, even the ones that I know are definitely not issued by Kaspersky. Some of my sites SSL's are issued by LetsEncrypt, as well as some customers, but they show as Kaspersky. Even the ecommercetemplates website certificate states that it is issued by Kaspersky Anti-Virus Personal Root Certificate, when I'm pretty sure only a few days back it stated GoDaddy.

The ONLY website that states differently is google.co.uk / .com - they show as issued by Google Internet Authority G3

Kaspersky Total Internet Security is installed on this laptop and has been for a week shy of 12 months and this issue has only shown itself today. As I've no other PC here without Kaspersky on at the moment I cant check. I don't want the faff of uninstalling Kaspersky but I have been unable to find why this has just started to show.

I know I need to renew my updater

Will
Bolton Manchester UK

Edited by - V45 on 08/27/2018 10:30:15

insight
ECT Moderator

USA
4476 Posts

Posted - 05/28/2018 :  16:26:58  
Never used Kaspersky, but it sounds like it's inspecting your SSL traffic by decrypting packets in flight, having a look at them and rolling them back up again with their own certificate, acting like a man-in-the-middle attacker if you like. Lots of bad stuff is encrypted to avoid detection these days but personally I find decrypting encrypted traffic a rather troubling concept and not real useful in situations where users are fairly switched on. In corporate networks it may have it's place. If there are any controls for this in the app they will probably say something like SSL scanning or maybe DPI-SSL.

And yes, you need to renew your support

Peter

ServeLink
Professional ecommerce web hosting for ASP & PHP
https://servelink.com

Take a look at our image upload/resize tool for the ASP cart
https://servelink.com/clients/cart.php?gid=7

V45
Advanced Member

United Kingdom
416 Posts

Pre-sales questions only
(More Details...)

Posted - 05/29/2018 :  14:44:43  
Hi Peter

Thanks for your reply.

I searched every possible setting and found absolutely nothing. I hate software that thinks it should rule the roost. There's doing what it's purchased for and then there's overstepping the mark. So, I have sacked it off in to File 13, the bin. After a few restarts and C Cleaner clearing up the debris / registry, all is tickety boo

Where it was always showing as the SSL was issued by Kaspersky, the Issuer Statement button in Chrome was always greyed out. Now all websites show an active Issuer Statement button and their SSL provider.

In respect of renewing my support, which has always been 10/10, I will sort that first week of June.



Will
Bolton Manchester UK

Edited by - V45 on 05/29/2018 14:45:13

insight
ECT Moderator

USA
4476 Posts

Posted - 05/29/2018 :  15:41:32  
There is something like that going on, see here for example: https://www.bleepingcomputer.com/news/security/google-dev-finds-serious-flaws-in-kasperskys-https-traffic-inspection-system/ where they talk about the decryption/inspection/re-encryption of SSL traffic. Whether you can turn it off I have no idea, but I guess it's all moot now anyway now it's in the bit bucket. Probably they were sending all your secure traffic to KGB headquarters anyway, so you're better off without it .



Peter

ServeLink
Professional ecommerce web hosting for ASP & PHP
https://servelink.com

Take a look at our image upload/resize tool for the ASP cart
https://servelink.com/clients/cart.php?gid=7

V45
Advanced Member

United Kingdom
416 Posts

Pre-sales questions only
(More Details...)

Posted - 08/27/2018 :  10:29:21  
Thought I would update this. It's a niggle that has hacked me off

I have determined what caused 99%+ of all SSL certificates to show in every browser as being issued by Kaspersky Anti Virus Root Certificate when checking in every browser.

In the Kaspersky Total Security software under Network Settings, there's a sub heading of Encrypted Connections Scanning. By default the option Scan encrypted connections upon request from protection components is checked. Setting that to Do not scan encrypted connections then shows the correct certificate issuer in the browser.



Will - Bolton Manchester UK
  « Topic »  
Jump To:
Shopping Cart Software Forum for Ecommerce Templates © 2002-2022 ecommercetemplates.com
This page was generated in 0.03 seconds. Snitz Forums 2000