Ssl Scanning Prevents Connection To Certain Sites

justinrjett

When I have SSL Scan turned on I cannot connect to a number of sites.

For example, mrtg.com and netflowknights.com

The site, in Google Chrome, gives this error.

ERR_CONNECTION_CLOSED.

It seems that the site verifies the certificate at the server and so refuses a connection to the server when the Bitdefener CA certificate is presented.

Is there anyway to whitelist these sites? The whitelist feature doesn't work. I still cannot connect. When I disable SSL Scanning, I can connect.

damianr

Hi. I think there's no option to whitelist a site. Can you also verify that the certificate on that site is no expired as well?

justinrjett

Hi. I think there's no option to whitelist a site. Can you also verify that the certificate on that site is no expired as well?

I can confirm that the site doesn't have an expired certificate.

The site is mrtg.com

You can also see that the site is working from ssllabs.com

https://www.ssllabs.com/ssltest/analyze.htm...;hideResults=on

Basically, what I think is happening is that the OCSP response isn't taking place and so the server is refusing the connection.

However, when I look at the server logs, I don't see the connection attempt.

This "man-in-the-middle" scanning is the only reason it doesn't connect, because when I disable SSL Scanning, it connects normally.

Nesivos

I am having a similar problem using BDIS 2015 and Firefox 34.0.5 on W7-SP1.

One of several sites I can not connect to when "Scan SSL" is turned on in BDIS is Twitter. The website is legit and the Security Cert is up to date. I use the Padlock extension with Firefox. When I turn "Scan SSL" off and load the webpage, in the Firefox Address Bar Padlock is showing green and says "Verified by Symantec. The Connection is Secure"

Is I turn Scan SSL on I get the following message when attempting to load Twitter. "The Connection Is Insecure" You have asked Firefox to connect securely to Twitter.com but we cannot confirm that connection is secure"

Nesivos

I just checked BD W8 Security on my W8.1 computers running Firefox 34.0.5. "Scan SSL" is on and I am not having any problems accessing trusted websites. The problem on my W7-SP1 computer using BDIS seemed to begin about the time I upgraded to Firefox 34.0.5. However I did do an uninstall of Firefox 34.0.5 and deleted all the Firefox folders. I then reinstalled Firefox 33.1.1 and the problem also now appared with Firefox 33.1.1. I don't recall it happening before I did the upgrade to 34.0.5. Anyway I re-upgraded to Firefox 34.0.5 since I saw no benefit in continuing to use version 33.1.1. The Scan SSL problem still persists.

I am using the default settings in Firefox. I am also using layered security but the secondary security programs I am using I am using on all of my computers; i.e., the W7-SP1 with BDIS and my W8.1 computers with BD W8 Security.

Anyone have any thoughts on what might be causing the problem and how to fix it? Thanks

Nesivos

I ran a Repair and all is now GTG.