Encrypted web scan disabling


Before with BD 2018 you could disable 'encrypted web scan' and disable the notification in settings/advanced.


How do you do that in BD 2019, now I get these notification in the dashboard that not ignorable ?

I don't want to use ssl scan because it introduce an BD ssl cert in the processing flow which break my mail and other application that use ssl.


Thanks.

Comments


  • Hello, 


     


    This is not possible at the moment. 


    You can stop the product from displaying pop-up notifications related to recommendations (from Settings > General), however they will still be displayed in the dashboard when you open Bitdefender. 


    We have forwarded a suggestion to our development team to allow the recommendation for this module to be hidden (as we have had a few other requests), however the likelyhood of this being implemented is small, since it is considered important that our users be notified in some way when a protection feature is disabled. 


  • Encrypted web scan does not work properly, at least for firefox. This is an ongoing problem for years now.


    It should be considered as a "protection" if it works properly.


    Most legit https sites are blocked...



  • On 8/12/2018 at 10:26 AM, Sergiu C. said:



    We have forwarded a suggestion to our development team to allow the recommendation for this module to be hidden (as we have had a few other requests), however the likelyhood of this being implemented is small, since it is considered important that our users be notified in some way when a protection feature is disabled. 



    That is very unfortunate. I want to use Bitdefender as a PC virus scanner, nothing else. You should let your customers decide which feature they want to enable and which not.


    Currently, I constantly have the "WARNING" sign in the Windows tray above the BitDefender logo. As enabling WebScan is not an option for me, I will likely have to discontinue using BitDefender, unless you decide to let users disabled modules without showing a constant warning.


  • I have the same problem since Bitdefender 2019 has been installed on my system: I want to exclude scanning of SSL connections, but at the same time, I don't want the warning cross on the Bitdefender tray icon. I hope this will be fixed. Thanks.


  • This problem has been vexing me for days. At least for my Windows 7 Home Premium 64-bit PC, the solution was so simple I cannot believe that it worked. I uninstalled Chrome and then downloaded and reinstalled Chrome. That's it! It took only a few minutes and now Encrypted Web Scan is enabled and I am having no problems with sites not loading.


  • Let's force our users to enable a module which doesn't work right. What idiot though this was a good idea? 


  • Arrgh! I rebooted my PC and once again I could not access some websites in Chrome. I had to disable Encrypted Web Scan again.


  • Hi /index.php?/profile/12703-kobac/&do=hovercard" data-mentionid="12703" href="<___base_url___>/index.php?/profile/12703-kobac/" id="ips_uid_1577_5" rel="">@Kobac,


    If the issue is in other browsers try these steps instead:


    - press Windows start button and type certmgr.msc, then press Enter


    - select Trusted Root Certificates > Certificates


    - right click on Certificates and choose All Tasks > Import


    - press Next > then Browse to C:\Program Files\Bitdefender\Bitdefender Security\mitm_cache\fake-ca.crt > press Next again


    - click Automatically select the certificate store > Next > Finish


    Check if websites load correctly.



  • 6 hours ago, Stefan I. said:



    Thanks but I tried that previously when I first had the Chrome issue. It did not work for me. Please see my posts in forum topic "Install and Activation: Error code -3".


    I just submitted a ticket a few minutes ago since I am having error code -3 messages again when trying to run updates. Updates were working fine until I rebooted my PC this morning.


     


    Hi /index.php?/profile/12703-kobac/&do=hovercard" data-mentionid="12703" href="<___base_url___>/index.php?/profile/12703-kobac/" rel="">@Kobac,


    If the issue is in other browsers try these steps instead:


    - press Windows start button and type certmgr.msc, then press Enter


    - select Trusted Root Certificates > Certificates


    - right click on Certificates and choose All Tasks > Import


    - press Next > then Browse to C:\Program Files\Bitdefender\Bitdefender Security\mitm_cache\fake-ca.crt > press Next again


    - click Automatically select the certificate store > Next > Finish


    Check if websites load correctly.



     


  • Once again after a reboot, updates are failing, this time with error code -1018 (see screen shot). Please help.


     

    Bitdefender error code -1018.JPG


  • Hi, 



    We have seen the update error -1018 with a few other users that were upgraded from Bitdefender 2017, to Bitdefender 2019. 



    Reinstalling from the Control Panel has fixed the issue for them, could you try that?

    https://www.bitdefender.com/consumer/support/answer/13429/



    Thank  you!


  • Thank you, Sergiu. I reinstalled the product and so far updates have been successful.


  • For those following this thread, I still had to disable Encrypted Web Scan to gain access to some sites (notably Facebook).


  • @Kobac



    In the latest build 23.0.11.48 we have released a fix to address a bug that caused an issue with signing in to Facebook on some configurations. Can you try to perform an update from the system tray (right click on Bitdefender icon > choose Update Now) , then restart the computer, to make sure you have all the latest fixes?



    Thanks!


  • Sergiu, I did as you suggested. I was not able to load the Facebook page until I disabled Encrypted Web Scan.



  • On 10/20/2018 at 8:18 PM, Kobac said:



    Sergiu, I did as you suggested. I was not able to load the Facebook page until I disabled Encrypted Web Scan.



    Hi, 



    If the issue is still occurring, can you try to re-import the certificates, only this time, select the certificate store manually, rather than choosing the Automatic option:


    - close browsers/email clients


    - press Windows start button and type certmgr.msc, then press Enter


    - select Trusted Root Certificates > Certificates


    - right click on Certificates and choose All Tasks > Import


    - press Next > then Browse to C:\Program Files\Bitdefender\Bitdefender Security\mitm_cache\fake-ca.crt > press Next again


    - select "Place all certificates in the following store" and Trusted Root Certification Authorities" should be selected under Certificate Store.

     


  • This problem had plagued me in just Chrome since the 2019 update installed itself about a month ago. Back then I tried the manual process as explained above, which didn't do the trick, so I've mostly been using other browsers all this time.


    Now, after opening Chrome again for something else and finding the tab for this page that was left open, I just tried it again as per Sergiu's suggestion the  other day and hey-presto, Chrome is now able to get to certain https sites that it couldn't before.


    It's such a shame that BD update problems like this seem to take ages to find solutions. Similar long-to-solve problems plagued me  on the 2018 update last year.


    Hopefully normal service has now finally resumed.



  • 13 hours ago, Sergiu C. said:



    Hi, 



    If the issue is still occurring, can you try to re-import the certificates, only this time, select the certificate store manually, rather than choosing the Automatic option:


    - close browsers/email clients


    - press Windows start button and type certmgr.msc, then press Enter


    - select Trusted Root Certificates > Certificates


    - right click on Certificates and choose All Tasks > Import


    - press Next > then Browse to C:\Program Files\Bitdefender\Bitdefender Security\mitm_cache\fake-ca.crt > press Next again


    - select "Place all certificates in the following store" and Trusted Root Certification Authorities" should be selected under Certificate Store.

     



    I tried this procedure (this was the THIRD time) and re-enabled Encrypted Web Scan. So far I am able to go to sites in Chrome without constantly getting warnings. I will wait a bit before declaring that all is fixed. I also re-enabled Silent Update. Thanks, Sergiu!



  • 14 hours ago, Kobac said:



    I tried this procedure (this was the THIRD time) and re-enabled Encrypted Web Scan. So far I am able to go to sites in Chrome without constantly getting warnings. I will wait a bit before declaring that all is fixed. I also re-enabled Silent Update. Thanks, Sergiu!



    Thank you, I hope all will be OK. 

  • TempleKa
    TempleKa
    edited October 2018


    On 10/29/2018 at 11:41 AM, Sergiu C. said:



    Hi, 



    If the issue is still occurring, can you try to re-import the certificates, only this time, select the certificate store manually, rather than choosing the Automatic option:


    - close browsers/email clients


    - press Windows start button and type certmgr.msc, then press Enter


    - select Trusted Root Certificates > Certificates


    - right click on Certificates and choose All Tasks > Import


    - press Next > then Browse to C:\Program Files\Bitdefender\Bitdefender Security\mitm_cache\fake-ca.crt > press Next again


    - select "Place all certificates in the following store" and Trusted Root Certification Authorities" should be selected under Certificate Store.

     



    Sadly this isn't working for me. Also after yesterday it also started to totally block sites with invalid certificates that you can add exceptions in Chrome/Firefox (not that Firefox was working anyway) making it impossible to access them. Still the only solution is to disable "Encrypted web scan".


  • I'm also getting invalid certificate using firefox and bitdefender:


    Issuer: C = US,O = Bitdefender,OU = IDS,CN = Bitdefender Personal CA.Net-Defender


    https://support.mozilla.org/en-US/questions/1238987


    ^link to certificate chain with confirmation that Bitdefender is at fault


  • Hi, I'm having the same. Sites I regularly use for work cant be accessed!! Does anyone know what's happening here, please?


     



  • On 10/29/2018 at 9:41 AM, Sergiu C. said:



    Hi, 



    If the issue is still occurring, can you try to re-import the certificates, only this time, select the certificate store manually, rather than choosing the Automatic option:


    - close browsers/email clients


    - press Windows start button and type certmgr.msc, then press Enter


    - select Trusted Root Certificates > Certificates


    - right click on Certificates and choose All Tasks > Import


    - press Next > then Browse to C:\Program Files\Bitdefender\Bitdefender Security\mitm_cache\fake-ca.crt > press Next again


    - select "Place all certificates in the following store" and Trusted Root Certification Authorities" should be selected under Certificate Store.

     



    Hi I've just tried this and it doesn't work on firefox. Why is this happening ?


     


  • Hi, 



    The latest build brings some changes to the installation process, specifically regarding how the certificates are installed. 



    Can you try to reinstall Bitdefender please? 



    https://www.bitdefender.com/consumer/support/answer/13429/



    Thank you!



  • On 10/29/2018 at 5:41 AM, Sergiu C. said:



    Hi, 



    If the issue is still occurring, can you try to re-import the certificates, only this time, select the certificate store manually, rather than choosing the Automatic option:


    - close browsers/email clients


    - press Windows start button and type certmgr.msc, then press Enter


    - select Trusted Root Certificates > Certificates


    - right click on Certificates and choose All Tasks > Import


    - press Next > then Browse to C:\Program Files\Bitdefender\Bitdefender Security\mitm_cache\fake-ca.crt > press Next again


    - select "Place all certificates in the following store" and Trusted Root Certification Authorities" should be selected under Certificate Store.

     



    I tried this procedure (this was the THIRD time) and re-enabled Encrypted Web Scan. So far I am able to go to sites in Chrome without constantly getting warnings. I will wait a bit before declaring that all is fixed. I also re-enabled Silent Update. Thanks, Sergiu!


    ========================================================================================================


    I think it's safe to say that my particular problem has been resolved since I last posted on October 29 and it's now 4 days later. Encrypted Web Scan is enabled, updates are working fine and I have no problems accessing sites.


    Thank you, Sergiu, for all your help!



  • On 11/1/2018 at 1:08 PM, Sergiu C. said:



    Hi, 



    The latest build brings some changes to the installation process, specifically regarding how the certificates are installed. 



    Can you try to reinstall Bitdefender please? 



    https://www.bitdefender.com/consumer/support/answer/13429/



    Thank you!



    Didn't work for me. Still can't use Firefox and my Esxi page doesn't even load in whatever browser I try unless I disable encrypted web scan. Adding the IP to exception does nothing as well since you can't add the exact url in Bitdefender.


  • Hi, Everybody


    I am new to the Forum, and I start with a (for the time being, at least) happy story, albeit

    quite tiresome.


    A few weeks ago, I started having to manually accept the certificate of a mail client (my

    university). I had not noticed any problems with the browsers (I regularly use Firefox).

    However, on Nov. 1, having had to resort to another browser, due to a Firefox failure

    with some site, I came to the conclusion that all my three other installed browsers (IE,

    Edge, and Chrome) were blocking all my most needed secure sites (e.g., home banking,

    Google, even certain BitDefender sites..., etc.). Going back to Firefox, that same day it

    started blocking the same sites.


    Having searched the Forum in more than one thread, I tried some recommendations that

    didn't work at all (like importing the fake-ca.crt int he two possible ways). I also tried

    the one brought up by some members - disabling the 'Encrypted Web Scan' -, which

    solved the blocking of sites and mail, but left an uncomfortable feeling of insecurity and

    low aesthetics (with that killer black cross over the BD icon on my taskbar).


    How things got right:


    1. Following the suggestion by Sergiu C, on Thursday at 12:08 PM, I reinstalled BD

    from Control Panel. The mail problem was solved and IE, Edge, and Chrome were

    working to perfection. Only Firefox was not responsive to the treatment.


    2. I then resorted to another recommendation regarding only Firefox, again from great

    Sergiu, on Sept. 24 and appearing in the following 'thread' (I don't know how threads

    are identified - couldn't they have a serial number? - but I hope this suffices):


    Bitdefender 2019 Stopping All "https" Secure Sites Access

    By Mr Richard Cheah, September 24 in GENERAL


    In one of the steps, I didn't have to delete any Bitdefender certificates, because there

    were none. After importing the relevant file, I restarted the computer and all went well. I

    hope other members of the Forum will soon be as happy as I was.


    Best regards, with special tanks to Sergiu.


  • Ok , I have tried everything suggested on this forum . I have reinstalled Bitdefender from Control Panel . I have uninstalled and reinstalled after reboot and registry cleanup . I have manually installed the cert through the system cert manager . I have installed the cert through firefox and chrome .


       I still can't access certain websites , but what is more important and more of an issue , is that I am now unable to access the web gui of Ubiquiti router without having to turn off web encryption protection every time . This was working right up til the 1st of November ( it made me authorize the Ubiquiti cert , but it worked ) sometime around that date , an update caused it to stop working altogether, doesn't even give me the chance to authorize the cert in Firefox at all now .It just gives me the error SSL_ERROR_NO_CYPHER_OVERLAP .


     


     



  • 22 hours ago, gooberific said:



    Ok , I have tried everything suggested on this forum . I have reinstalled Bitdefender from Control Panel . I have uninstalled and reinstalled after reboot and registry cleanup . I have manually installed the cert through the system cert manager . I have installed the cert through firefox and chrome .


       I still can't access certain websites , but what is more important and more of an issue , is that I am now unable to access the web gui of Ubiquiti router without having to turn off web encryption protection every time . This was working right up til the 1st of November ( it made me authorize the Ubiquiti cert , but it worked ) sometime around that date , an update caused it to stop working altogether, doesn't even give me the chance to authorize the cert in Firefox at all now .It just gives me the error SSL_ERROR_NO_CYPHER_OVERLAP .


     


     



    Hi, 



    Please reach us at [email protected] and send us a few examples of websites that are not loading properly. Please also mention if for example bitdefender.com or google.com also return an error. 



    Thank you. 


    1. After installing the Bitdefender Antivirus 2018 click on the protection option from the left side panel.

    2. From the Protection screen click on the View features option.BitDefender total security 2018 SSL error

    3. After that you will all protection features of Bitdefender. Now click on the settings gear icon given under the Web protection.                      BitDefender total security 2018 web security settings

    4. Under the Web Protection Settings, click on the on Scan SSL toggle button to turn it off.disable SSL Scanning Bitdefender

    5. Get More information For MOVE HERE

  • Last week I found that iDEAL payments via Rabobank in the Netherlands end up in a page not found.


    I contacted Rabobank Netherlands for this issue and according to them this is a known Bitdefender issue.


    As far as I found out now but not 100% sure about this, the error occurs when SSL scan has been enabled. Today I created a ticket for this only to put more pressure on Bitdefender to solve this annoying problem.


    I also hope that Bitdefender will stop 'forcing SSL scan.



  • 3 minutes ago, BP-Web said:



    Last week I found that iDEAL payments via Rabobank in the Netherlands end up in a page not found.


    I contacted Rabobank Netherlands for this issue and according to them this is a known Bitdefender issue.


    As far as I found out now but not 100% sure about this, the error occurs when SSL scan has been enabled. Today I created a ticket for this only to put more pressure on Bitdefender to solve this annoying problem.


    I also hope that Bitdefender will stop 'forcing SSL scan.



    Hi, 



    Payments through iDeal should work if you disable this option:


     


    - Open Bitdefender 


    - Click on Privacy


    - Click on Settings under Safepay 


    - Disable Safepay Notifications. 



    Also, please provide me with your ticket ID, as I wasn't able to find it. 



    Thanls!


  • Thanks for your response. Will the issue been solved soon?


    Ticket is : 2018111210550001


     


     



  • On 11/12/2018 at 1:28 PM, BP-Web said:



    Thanks for your response. Will the issue been solved soon?


    Ticket is : 2018111210550001


     


     



    Hi, 



    Unfortunately, no ETA is available for the fix at this time


  • Still waiting for an answer! 


    Anyone who can tell if this issue has been resolved yet?


     



  • 46 minutes ago, BP-Web said:



    Still waiting for an answer! 


    Anyone who can tell if this issue has been resolved yet?


     



    Hi,


     


    We do not have an ETA at this moment. As my colleague informed you on his email we will get back as soon as we have more updates on this.


  • If Bitdefender is not planning for allowing disable of ssl scan, At least we should have option to disable scan of websites implemented Extended Validation Certification like Banking Websites, Twitter etc.


  • Hi /index.php?/profile/198756-m1inty/&do=hovercard" data-mentionid="198756" href="<___base_url___>/index.php?/profile/198756-m1inty/" rel="">@M1INTY , 


     


    The Encrypted Web Scan can be disabled even now, but you will see a recommendation in the dashboard to re-enable it. 



    Also, you can add websites to exclusions under Online Threat Prevention so that they are not scanned by this feature. 


  • Whereas this may be true for websites , this still won't allow access to my Ubiquiti Edgemax 4P routers web management interface. It's won't let me just enter 192.168.1.1 , it forces me to use http://192.168.1.1 , but even then , it ignores that and still enforces encryption scanning . It does this even after a reboot of the machine . That is my only real issue here , I am happy to enter a website to be excluded , but it isn't honoring exclusions , making me disable Encrypted Web Scan altogether in order to manage my router .  I may be lucky that it doesn't seem to be effecting any web browsing at all for me , just the router management gui.



  • 19 hours ago, gooberific said:



    Whereas this may be true for websites , this still won't allow access to my Ubiquiti Edgemax 4P routers web management interface. It's won't let me just enter 192.168.1.1 , it forces me to use http://192.168.1.1 , but even then , it ignores that and still enforces encryption scanning . It does this even after a reboot of the machine . That is my only real issue here , I am happy to enter a website to be excluded , but it isn't honoring exclusions , making me disable Encrypted Web Scan altogether in order to manage my router .  I may be lucky that it doesn't seem to be effecting any web browsing at all for me , just the router management gui.



    Hi, 



    This is a different issue, and one that is investigated by our development team at this time. You can create a ticket by sending us an email at [email protected], so that we can inform you through email once a fix is released. 



    Unfortunately exclusions do not allow the URLs to load in this case, you are correct. 



    Thank you. 



  • On 9/21/2018 at 11:49 AM, threedee said:



    Encrypted web scan does not work properly, at least for firefox. This is an ongoing problem for years now.


    It should be considered as a "protection" if it works properly.


    Most legit https sites are blocked...



    I agree. I do NOT think it is Firefox's problem. I had Kaspersky Total Security for many years before I switched to BD this year, and there was NEVER any such problem while using Firefox. So, if BD tech support is blaming Firefox, then they are just showing their incompetence. By the way, no such problem with Internet Explorer. So, indeed there are some Firefox-specific coding issues the tech people at BD still haven't figured out! Sad that Kaspersky can handle this, and BD can't...



  • On 12/4/2018 at 5:14 AM, Sergiu C. said:



    Hi, 



    This is a different issue, and one that is investigated by our development team at this time. You can create a ticket by sending us an email at [email protected], so that we can inform you through email once a fix is released. 



    Unfortunately exclusions do not allow the URLs to load in this case, you are correct. 



    Thank you. 



    So, exclusion list works for external websites, but does not work for link like http://192.168.1.1 (which is a web site hosted on the internal LAN)?



  • 20 hours ago, alokep said:



    So, exclusion list works for external websites, but does not work for link like http://192.168.1.1 (which is a web site hosted on the internal LAN)?



    Yes, though not all such websites seem to be affected. 

This discussion has been closed.