"Encrypted web scan" breaks ALL browsers except Firefox

So starting a week ago last Friday, I got a certificate error in Firefox that was preventing me from accessing the internet. I figured out that it was "Encrypted web scan" in Bitdefender, so I disabled and re-enabled it. This fixed it in Firefox, but it is still broken in all other browsers no matter what I do. It's broken in Google Chrome, Microsoft Edge, and I even installed Opera to see if that would work, and it didn't. The only way for me to use these browsers is to disable "Encrypted web scan".

I went to "Add/remove programs" and tried to uninstall Bitdefender. It gave me the option of repairing, so I repaired Bitdefender, restarted my computer, and I am still not able to use any of these browsers. Is it even possible for me to fix this?

Find more posts tagged with

Comments

dementedcanuck@gmail.com

Installed 2019 on the weekend - had the same issue. Was white-listing sites till that got overwhelming then I turned off SSL scanning.

Reply from BD support was to uninstall / reinstall ??? For a certificate issue ???

Problem is the trusted "root" certificate is missing.

My fix:

- searched the BD directory and found this:

C:\Program Files\Bitdefender\Bitdefender Security\mitm_cache\fake-ca.crt

- your mileage may vary depending on where BD is installed to find that file.

Double click on it -should open in a dialog to install it - select "Install Certificate" and make sure you install to "trusted root" store (I selected manually - did not let it chose for me)

Once installed - turn SSL scan back on and try loading a problem page - use an HTTPS load. If it looks good - check the cert (in chrome - click the "lock" before Secure). In the drop-down select "certificate" then in the "Certificate" pop-up look for Issued by: it should list a Bitdefender Personal CA blah blah. Select the "certification Path" tab and in the status box look for "This certificate is OK."

If it is OK - problem should now be fixed.

The above procedure to install the root cert worked for me on Win 7 64 bit Pro. Not sure if it is the same for Win 10.

Much faster than uninstall / reinstall + reboots (with no guarantee that the cert will be installed properly this time)

Hope this helps ..

Old geezer advice (definitely NOT a Windows tech) so use at your own risk. My "guru" level skills are IBM Big Iron only - Z/OS & PowerVM with AIX & PowerHA.

My $0.02 CAD worth of advice from Great White North - and now the land of legalized pot where the Government run distribution network "ran out" on day 1 !

Marius G.

Usually, these sort of issues can occur if you have the option "use a Master Password" enabled in Firefox prior to installing Bitdefender:

https://support.mozilla.org/en-US/kb/use-master-password-protect-stored-logins

If you disable this feature and reinstall Bitdefender, everything should go back to normal. The solution posted above can work as well.

cisq

How do I reinstall bitdefender please?

Sergiu C.

On 11/1/2018 at 10:07 AM, cisq said:

How do I reinstall bitdefender please?

Hi /index.php?/profile/212805-cisq/&do=hovercard" data-mentionid="212805" href="<___base_url___>/index.php?/profile/212805-cisq/" rel="">@cisq,

Sorry for the delay. The product can be reinstalled by following the steps in this article:

https://www.bitdefender.com/consumer/support/answer/13429/

NobleUplift

On 11/6/2018 at 4:38 AM, Sergiu C. said:

Hi /index.php?/profile/212805-cisq/&do=hovercard" data-mentionid="212805" href="<___base_url___>/index.php?/profile/212805-cisq/" rel="">@cisq,

Sorry for the delay. The product can be reinstalled by following the steps in this article:

https://www.bitdefender.com/consumer/support/answer/13429/

Why don't you have an article on how to fix this certificate issue?

On 10/24/2018 at 10:32 AM, Marius G. said:

Usually, these sort of issues can occur if you have the option "use a Master Password" enabled in Firefox prior to installing Bitdefender:

https://support.mozilla.org/en-US/kb/use-master-password-protect-stored-logins

If you disable this feature and reinstall Bitdefender, everything should go back to normal. The solution posted above can work as well.

How would removing a master password fix a certificate authority? My problem is that all browsers OTHER than Firefox are not working.

On 10/23/2018 at 1:54 AM, dementedcanuck@gmail.com said:

Hi

Installed 2019 on the weekend - had the same issue. Was white-listing sites till that got overwhelming then I turned off SSL scanning.

Reply from BD support was to uninstall / reinstall ??? For a certificate issue ???

Problem is the trusted "root" certificate is missing.

My fix:

- searched the BD directory and found this:

C:\Program Files\Bitdefender\Bitdefender Security\mitm_cache\fake-ca.crt

- your mileage may vary depending on where BD is installed to find that file.

Double click on it -should open in a dialog to install it - select "Install Certificate" and make sure you install to "trusted root" store (I selected manually - did not let it chose for me)

Once installed - turn SSL scan back on and try loading a problem page - use an HTTPS load. If it looks good - check the cert (in chrome - click the "lock" before Secure). In the drop-down select "certificate" then in the "Certificate" pop-up look for Issued by: it should list a Bitdefender Personal CA blah blah. Select the "certification Path" tab and in the status box look for "This certificate is OK."

If it is OK - problem should now be fixed.

The above procedure to install the root cert worked for me on Win 7 64 bit Pro. Not sure if it is the same for Win 10.

Much faster than uninstall / reinstall + reboots (with no guarantee that the cert will be installed properly this time)

Hope this helps ..

Old geezer advice (definitely NOT a Windows tech) so use at your own risk. My "guru" level skills are IBM Big Iron only - Z/OS & PowerVM with AIX & PowerHA.

My $0.02 CAD worth of advice from Great White North - and now the land of legalized pot where the Government run distribution network "ran out" on day 1 !

This issue also cropped up on another system in my network using BitDefender. I'll apply this fix and see if it works.

Sergiu C.

6 hours ago, NobleUplift said:

Why don't you have an article on how to fix this certificate issue?

How would removing a master password fix a certificate authority? My problem is that all browsers OTHER than Firefox are not working.

This issue also cropped up on another system in my network using BitDefender. I'll apply this fix and see if it works.

The master password would interfere with the installation process of the certificates in question in other browsers (the installation would hang at that step). It works in Firefox because the certificates were not installed at all.

A recent update should prevent the Firefox master password from causing this issue however.

NobleUplift

15 hours ago, Sergiu C. said:

The master password would interfere with the installation process of the certificates in question in other browsers (the installation would hang at that step). It works in Firefox because the certificates were not installed at all.

A recent update should prevent the Firefox master password from causing this issue however.

I followed the advice from dementedcanuck@gmail.com and now the problem is even WORSE! I installed the fake certificate and now Firefox no longer works with "Encrypted Web Scan" enabled. This problem has spread like a cancer to my parents' computers in different households as well. We can no longer use Firefox, Chrome, Edge, or any other internet browser since they are all effected.

I already reinstalled BitDefender. How. Do. I. Fix. This.

NobleUplift

Alright, after calling Bitdefender support, I was able to figure this issue out on my own. The first technician told me to reinstall Bitdefender (which didn't fix it, but rather maintained the status quo), and the second one just asked me to test my other browsers and to send me an email on this issue instead of knowing the steps to resolve this issue.

Well here it goes.

If you have Microsoft Internet Explorer, Microsoft Edge, Google Chrome, or Opera:

Go to C:\Program Files\Bitdefender\Bitdefender Security\mitm_cache
Double-click fake-ca.crt
Accept the prompt.
This should fix it for all major browsers, but this will NOT fix it for Firefox.

Do not remove your master password. Removing your master password in Firefox would convert all of your passwords to plaintext, and leave you incredibly vulnerable while Bitdefender is uninstalling and reinstalling. Plus, uninstalling and reinstalling takes a LOT longer than the fix below.

In Firefox (with a Master Password enabled):

Click the Hamburger Button, Options.
Click Privacy and Security, scroll to Certificates, click View Certificates.
Scroll down until you find the Bitdefender category. If you previously had Bitdefender installed on your computer, you should see: BitdefenderPersonalCANet-Defender and/or BitdefenderPersonalCA000000000000.
Click each of these certificates and click "Export...". Save them to desktop. This is a backup in case importing the new certificate doesn't work. You can delete these files after the issue is fixed.
Click "Delete or distrust..." for each of the certificates above. You may receive a Master Password prompt. Enter it to remove them.
Click "Import...", navigate to "C:\Program Files\Bitdefender\Bitdefender Security\mitm_cache ", and select fake-ca.crt.
You should now be running the most up-to-date version of Bitdefender's certificates, allowing "Encrypted web scan" to work!

NobleUplift

I would like to edit my previous post, but seeing that I can't, I'll just make the edit I would make there, here:

If you have Microsoft Internet Explorer, Microsoft Edge, Google Chrome, or Opera:

Go to C:\Program Files\Bitdefender\Bitdefender Security\mitm_cache
Double-click fake-ca.crt
Accept the prompt.
This should fix it for all major browsers, but this will NOT fix it for Firefox.

This tutorial DID NOT WORK!!! Every single browser on my computer OTHER than Firefox is now broken. Internet Explorer, Google Chrome, Microsoft Edge, even Opera.

I actually found a useless support article that says... just disable "Encrypted web scan"!!! https://www.bitdefender.com/support/what-to-do-when-security-certificates-cannot-be-verified-installed-1090.html

I actually need to use more than one browser on my machine for both work and personal accounts. Could someone please find out how to fix this on non-Firefox browsers?

NobleUplift

Alright, this is my amended tutorial for fixing Internet Explorer, Google Chrome, and Microsoft Edge:

Type "Certificate Manager" in Start Menu.
Find any Bitdefender certificates, especially in Trusted Root Certification Authorities or Intermediate Certification Authorities. Export them (as a backup), and then delete them.
Type "User Certificates" in Start Menu.
Find any Bitdefender certificates, especially in Trusted Root Certification Authorities or Intermediate Certification Authorities. Export them (as a backup), and then delete them.
Go to C:\Program Files\Bitdefender\Bitdefender Security\mitm_cache
Double-click fake-ca.crt
Click "Install Certificate..."
Select "Local Machine".
Select "Place all certificates in the following store"
Click Browse... and Select "Trusted Root Certification Authorities".
Click Next and Finish.
Double-click fake-ca.crt again
Click "Install Certificate..."
Select "Local Machine".
Select "Place all certificates in the following store"
Click Browse... and Select "Intermediate Certification Authorities".
Click Next and Finish.
This should fix it for all major browsers, but this will NOT fix it for Firefox.

Barmcake

Hi NobleUplift,

Thank you for your hard work on this problem. I just followed your suggestions with the Certificate Manager and now Firefox and all my other browsers are working fine and my Firefox master password is still working as per normal. It did fix it for Firefox after all on my pc, and I hope you are eventually able to get it fixed on yours as well.

NobleUplift

On 1/26/2019 at 12:56 PM, Barmcake said:

Hi NobleUplift,

Thank you for your hard work on this problem. I just followed your suggestions with the Certificate Manager and now Firefox and all my other browsers are working fine and my Firefox master password is still working as per normal. It did fix it for Firefox after all on my pc, and I hope you are eventually able to get it fixed on yours as well.

You're welcome! It took 23 days, but I finally got Bitdefender support trained on this issue. Here are the instructions they sent in the email yesterday:

1. Click on Start.

2. Type CERTMGR.MSC in start search box and press Enter. This will open the Certificate Manager.

3. Double click to expand Trusted Root Certificate Authorities, then click on Certificates beneath it.

4. Check if Bitdefender Personal CA.Net-Defender appears in the list. Right click on Bitdefender Personal CA.Net-Defender, then choose Delete and OK to confirm. If Bitdefender Personal CA.Net-Defender is not in the list, skip to step 5.

5. right click on Certificates and choose All Tasks > Import > press Next > then Browse to C:\Program Files\Bitdefender\Bitdefender Security\mitm_cache\fake-ca.crt > press Next again

6. choose "Place all certificates in the following store : Trusted Root Certification Authorities"

Hopefully, they write a knowledgebase article with these instructions, as well as the Firefox instructions I outlined above, so that they can give this to users immediately instead of having to deal with this for 3 months.

eazy

Nothing above works for me with chrome,not tried other browsers as i dont use them,any other ideas how to fix this?

eazy

12 hours ago, eazy said:

Nothing above works for me with chrome,not tried other browsers as i dont use them,any other ideas how to fix this?

Also want to add that,i am using Bitdefender Antivirus Plus 2019,just bought yesterday,so far i regret that. If no support and fix for this problem then i want refund,this is not sulution to turn off encrypted web scan and also not option to add all https websites under exeptions,cant even make java update anymore,everything is blocked,its even worse than firewall.Example - I dont buy brand new broken car from store,this product is broken and not fully functional,i paid for fully functional product,not for broken product. I know i am not alone,but that is not excuse also.