I have just update my Avast product to version 19.5.2378 and it’s weird when this version changes all the Certificate in Chrome and Firefox to Avast web/mail shield root, ALL THE WEBSITE EXCEPT some top website like Digicert, Cloudflare, …!! and more, I can’t connect to this website: https://www.cloudflare.com/ssl/encrypted-sni/ on Firefox but in Chrome it’s fine, I have also enable secure dns and encrypt sni in Firefox, is this a webshield bug or it’s a feature ?? note that in the previous version, there is no Avast web/mail shield root on any website i visited.

Images about this problem is here: https://ibb.co/vsmQ7HX
https://ibb.co/1Qh2TS1
https://ibb.co/zGx3ynB

UPDATE: currently using version 19.6.2383 and I solve this issues by changing Web shield : ''Scan HTTPS"", hope this problem be solved

YOU GUYS DEV NEED TO DO SOMETHING, SECURITY FOR ALL

There is a whole bunch of posts about this in another topic related to this:

Start reading from there and a little above that post for background information.

The next incarnation of Firefox should be change how this is handled to prevent users being impacted in how Avast have implemented this ManInMiddle problem.

alright … JUST update to Firefox 68 and looks like it’s completely solved the problem , it’s weird that before i update to Firefox 68, setting the security.enterprise_roots.enabled in about:config does not work for me, idk why, but one thing is certain, Mozilla fixed it, thanks everyone !

You’re welcome.