My Malware protection is blocking SBO

Status
Not open for further replies.

Dave

Forum Admin, Gen II
Staff member
Feb 1, 2023
66
For the geeks among us, the SSL (now deprecated, now a TLS) is a 10-step process that verifies the server and the client are who they say they are. The Certificate, which expired, is part of that process telling the client (that's us) the server or website is who it says it is.

When the certificate expired, the browser issued a warning that it could not verify the identity of the server (SBO). The encryption between the server and client continued with a small risk the server might not be the server the client thought it was.

Cloudflare has several articles on the topic. The links are below.



Our certificate is now good until next February. I put it in my calendar to make certain the certificate is renewed in a timely fashion.

I think now is a good time to close the thread. It will remain visible.
 
Likes: Leeward Rail
May 17, 2004
5,079
Beneteau Oceanis 37 Havre de Grace
I have to take exception to this. Nothing between the sender and receiver should have the capability to "decrypt then encrypt" data. That violates privacy rules. Now if one is in a country that monitors your data then there is nothing one can do about this. However, if this is being done in THIS COUNTRY, then we have to do something about it. Encryption keys are encrypted between sender and receiver, and (hopefully) no one else.
I completely agree that nothing *should* decrypt the data, but some antiviruses do (and AVG is known to have that “feature”). Mozilla shows how to turn that off in the AVG section at How to troubleshoot security error codes on secure websites | Firefox Help. Corporate networks do this quite commonly so they can make sure viruses aren’t getting into their networks over encrypted connections. I agree an ISP doing this would be much more sketchy. Such an antivirus sitting somewhere between Leeward and SBO is the only explanation I have for why he’s seeing an AVG cert tied to SBO.


The certificate certifies that the site in question is safe. Has nothing to do with encryption.
The certificate has a few different elements and purposes. Part of that is the signature to verify the site is authentic. Part of it is also the public key, which is what allows encryption. If someone spoofs the public key they’ll be able to read encrypted data, but the certificate won’t be properly signed anymore, so browsers will know not to trust sending data there.
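
As an added example (not part of the thread and not the forum's own code): a Python sketch that checks the two things discussed above, the expiry date and who issued the certificate the client actually received, since an intercepting antivirus or corporate proxy shows up as an unexpected issuer. The issuer names and dates in the sample certificates are constructed, and the `expected_issuer_orgs` allowlist is an assumption to be filled in with the site's real CA.

```python
import socket
import ssl
import time

def fetch_cert(host, port=443):
    """Return the certificate the client is actually shown, as a dict.
    Uses the OS trust store, so a locally installed interception root passes
    verification and its re-signed certificate is what comes back."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=10) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

def issuer_fields(cert):
    """Flatten the nested issuer tuples from getpeercert() into a dict."""
    return {key: value for rdn in cert.get("issuer", ()) for key, value in rdn}

def check_cert(cert, expected_issuer_orgs, now=None):
    """Return findings for a getpeercert()-style dict; an empty list means OK."""
    now = time.time() if now is None else now
    findings = []
    not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    if not_after < now:
        findings.append("expired")
    elif (not_after - now) < 30 * 86400:
        findings.append("expires-soon")   # renewal reminder window (assumed 30 days)
    org = issuer_fields(cert).get("organizationName", "")
    if org not in expected_issuer_orgs:
        # Someone other than the site's CA signed what we received.
        findings.append("unexpected-issuer:" + org)
    return findings

# Constructed sample data in the shape getpeercert() returns.
EXPECTED = {"Example Public CA"}
NOW = ssl.cert_time_to_seconds("Mar 01 00:00:00 2024 GMT")
def _cert(org, not_after):
    return {"issuer": ((("organizationName", org),),
                       (("commonName", org + " Root"),)),
            "notAfter": not_after}
GOOD = _cert("Example Public CA", "Feb 15 00:00:00 2025 GMT")
EXPIRED = _cert("Example Public CA", "Feb 15 00:00:00 2024 GMT")
INTERCEPTED = _cert("Example Antivirus Web Shield", "Feb 15 00:00:00 2025 GMT")

if __name__ == "__main__":
    for name, cert in (("good", GOOD), ("expired", EXPIRED), ("intercepted", INTERCEPTED)):
        print(name, check_cert(cert, EXPECTED, NOW))
```

An expired certificate makes `fetch_cert` raise `ssl.SSLCertVerificationError` during the handshake, which is the scripted equivalent of the browser warning.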
 
Feb 17, 2006
5,274
Lancer 27PS MCB Camp Pendleton KF6BL
Authentic is the word I *should* have used, not safe.
 