HTTPS scanning

Hi
When I try to go to spybot forums i get this from firefox. (see attachment).

I enquired on there forum about it, was instructed to turn off HTTPS scanning, but I do not have it. Clearly see where it should be though. :-\

http://www.trishtech.com/2015/01/fixing-untrusted-connection-problem-resulting-from-avast-antivirus/

They said I should try here.

No such problem here :-\

What Windows version do you use ? As HTTPS scanning is not ( yet ) available in Windows XP and Vista.

Greetz, Red.

Hi Rednose

Use Vista Home SP2.

Just out of interest, do you have( Enable HTTPS scanning) in your settings in Web shield.

Hi gertty,

This has nothing to do with avast HTTPS scanning, but more with the firefox browser alerting to the fact that that connection is not trusted.
Google Chrome does not give that warning.
I get the following test results: Secure HTTPS Connectivity
Secure Connection Successful
We were able to connect securely to your HTTPS server. This means that your HTTPS server is listening for and also responding to secure requests.
SHA-2 Certificate
Your certificate is signed using the SHA-2 algorithm.
Name Match Successful
The server address which you provided matches the server name that is on the SSL certificate.

SSL verification issue (Possibly mis-matched URL or bad intermediate cert.). Details:
ERROR: cannot verify forums.spybot.info’s certificate, issued by ‘/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 2 Primary Intermediate Server CA’: Unable to locally verify the issuer’s authority.

Trusted No (No signatures could be verified because the chain contains only one certificate and it is not self signed.)

Not vulnerable to POODLE. forums.spybot.info has a verifiable certificate chain signed with SHA-2, that is NICE.
Not vulnerable to r OpenSSL Heartbleed vulnerability…

So the folks at https://forums.spybot.info/ have to take that up with firefox Mozilla or fix the verification
as it is using a non-valid certification. To visit the site anyway in firefox you can add an exclusion for that page.
Netcraft gibes the site as all green: http://toolbar.netcraft.com/site_report?url=https://forums.spybot.info

By the way Comodo Siteinspector also flags the site as suspicious - Transaction Protection
UNTRUSTED BY MICROSOFT
SSL Issuer: StartCom Class 2 Primary Intermediate Server CA
SSL Expires: 2017-04-23 03:06:13 UTC

Again a SSL certification issue and has nothing whatsoever to do with Avast https scanning.

polonus (volunteer website security analyst and website error-hunter)

Pol,

Firefox doesn’t give that warning to me, and I didn’t add an exclusion :-\

Greetz, Red.

Hi polonus

Thanks for your reply (wow very detail reply ).
I am not really tech savvy, I will try to do same research.

Was going to edit my post to polonus, and ask that question, you got their before me. :slight_smile:

Just noticed this post has been edited, now explains why I haven’t, got the box (Enable HTTPS scanning)
Thanks for that Rednose

I have a red Calomel (extension) warning in firefox, no public audit info available, untrusted connection
One report on WOT:
Auf htxp://www.safer-networking.org/de/mirrors/
leitet der 1.Haupt-Mirror zu einer unzuverlässigen Seite:
https://www.mywot.com/scorecard/spybot-now.com "jokalliauer

Secure login (1)
Password will be transmited securely to https://forums.spybot.info/login.php?do=login
Encryption (HTTPS) (1)
Communication is encrypted

polonus

Hi polonus

Once again thanks for info :slight_smile:

Once question, just curious why Rednose didn’t, get the warning when he used Firefox and i do.