What to do when suspicious connection is blocked due to an expired certificate?

BitDefender is blocking a spefic connection associated with Firefox (my browser) due to an expired certificate. If Firefox doesn't update it, then do I have to abandon Firefox?

Answers

  • Gjoksi
    Gjoksi Defender of the month mod

    Hello.

    On the same issue, check out this comment:

    Regards.

  • I know I can add this to the Exceptions. But, It's also suspicious to me, too. How do I know if it's safe to "exceptionalize" it? Adding it to the exceptions, unblocking it, or turning it off might not be the right thing to do.

  • Gjoksi
    Gjoksi Defender of the month mod

    Hi again.

    That's why it is written:

    "This notification is triggered by the Online Threat Prevention module whenever the website you are trying to access doesn't have a SSL certificate(https) and that is not safe to access it.".

    Also, you can read this:

    "This alert appears when you try to visit a secured website (HTTPS) with an invalid security certificate. It tends to be websites with lots of ads, such as news websites, and analytics companies with an expired certificate trying to establish a connection. If you wish, you can check their SSL certificates at https://www.sslshopper.com/.

    To avoid any security risk, it is advisable to exit right away the page you are about to visit. It’s that easy. No further action is required on your part.".

    Mozilla Firefox has nothing to do with the website's certificate. Even if you open the website in other browsers like Chrome, Opera, Edge etc., the website's certificate wll be still invalid/untrusted and you will get notified by Bitdefender again.

    Regards.

  • But, the notice specifically said FireFox, and no other site was identified. If that's not true, then there's not much else I can do.

  • I am also having false alerts. My own web site has a valid certificate from LetsEncrypt that gets flagged as untrustworthy. I assume my web site visitors are also getting the same false message. Both MS Edge and Google Chrome recognize the certificate as valid. It is only BitDefender that seems to think it is a threat. What's up with that?

  • Gjoksi
    Gjoksi Defender of the month mod

    @BJohnson

    Hello.

    You can report the URL(s) as false positive to Bitdefender Labs here:

    https://www.bitdefender.com/consumer/support/answer/29358/

    Regards.

  • Thank you. I submitted the request.

  • i’ve been signing documents in dotloop software and bit defender just started blocking my access, saying that the URL is unsafe due to expired certificate. Why did it just start doing that?

  • Flexx
    Flexx mod
    edited July 22

    Enter the website in the below-stated website link to check for any certificate issues.

    https://www.sslshopper.com/ssl-checker.html

    https://sitecheck.sucuri.net/

    If the website check reveals any certificate issues, please contact the website's support team and report the problem. Alternatively, if the websites appear to be functioning correctly with no certificate issues or other problems, kindly contact Bitdefender support by visiting https://www.bitdefender.com/consumer/support/help

    Select, How to's & Troubleshooting Bitdefender productsTroubleshootingI don't knowContact Support→ You will get the option of chatcall or email.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)