Welcome Guest ( Log In | Register )

 
Reply to this topicStart new topic
> Scan Ssl Blocks My Root Certificate.
philhippus
post Aug 18 2012, 01:14 PM
Post #1


Newbie


Group: Members
Posts: 3
Joined: 18-August 12
Member No.: 108,471



On Windows, I have imported a certificate into the Trusted Root store on the local machine. When Bitdefender is not set to "Scan SSL", the browser works perfectly to validate my signed certificates. When Scan SSL is on, the certs are flagged as untrusted by the operating system.

This can only mean that Bitdefender has caused my OS to use a different CTL than the default. How can Bitdefender accept the trusted root certificates that I import myself?
Go to the top of the page
 
+Quote Post
Christian
post Aug 19 2012, 10:44 PM
Post #2


Bitdefender Support
******

Group: Root Admin
Posts: 13,997
Joined: 27-January 08
From: BitDefender HQ
Member No.: 9,374



Hello (IMG:style_emoticons/default/smile.gif)

Welcome to the forums!

Could you please post here your website so we can further investigate this issue?

Thank you!
Go to the top of the page
 
+Quote Post
philhippus
post Aug 21 2012, 02:07 PM
Post #3


Newbie


Group: Members
Posts: 3
Joined: 18-August 12
Member No.: 108,471



Hello,

The problem is not with a particular website. I have looked into it a bit further. When I import my own trusted root certificate into the Windows certificate store, Bitdefender (with 'Scan SSL' set to 'on') is intercepting my certs and altering them based on its own CTL. This altered cert is then rejected by my OS.

There needs to be a way to manually add a trusted root cert to the Bitdefender CTL, without digging into BD's component files, or BD should use the OS certificate store for validation.

Edit: I should point out I am using my own SSL filtering HTTP proxy that generates signed certs on the fly, alongside BD. In order to get full functionality I have to turn off Scan SSL.

This post has been edited by philhippus: Aug 21 2012, 02:14 PM
Go to the top of the page
 
+Quote Post
Christian
post Aug 26 2012, 02:02 AM
Post #4


Bitdefender Support
******

Group: Root Admin
Posts: 13,997
Joined: 27-January 08
From: BitDefender HQ
Member No.: 9,374



Hello (IMG:style_emoticons/default/smile.gif)

Some services or websites do not support SSL scanning.

In this situation, we recommend you to turn off the feature when visiting one of those websites.

Take care.
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



RSS Lo-Fi Version Time is now: 24th July 2014 - 08:33 AM