Mailshield is breaking message sending

Hi,

We observed that when the Mail shield is on we can’t create neither an IMAP or SMPT connection because it returns with a RemoteCertificateChainError.
I added below the certificate info. It seems that Avast resigns the certificate and this is the reason why it fails.

Do you have any suggestions how should we proceed with this issue, you maybe have a white list or other solution . I think this issue posted yesterday also refers to the same problem https://forum.avast.com/index.php?topic=229462.0.
Please also let us know what other info you need from us.


+		certificate	{[Subject]
  CN=*.imap.mail.yahoo.com, O=Oath Inc, L=Sunnyvale, S=California, C=US

[Issuer]
  CN=Avast Web/Mail Shield Root, O=Avast Web/Mail Shield, OU=generated by Avast Antivirus for SSL/TLS scanning

[Serial Number]
  7E359A2F9D809D4CBD0019B8BFB33450

[Not Before]
  9/4/2019 3:00:00 AM

[Not After]
  3/2/2020 2:00:00 PM

[Thumbprint]
  A97E934BF71D3607FC59DBC8C7975CED1E52D474
}	System.Security.Cryptography.X509Certificates.X509Certificate {System.Security.Cryptography.X509Certificates.X509Certificate2}

Hello beczesz, welcome to the forums.

In general, you have to add Avast’s root certificate into mail client’s trusted certificate store.
It should be automatically done but in some cases you have to do that on your own.

So…

  • What is your mail client? (Outlook, Thunderbird, etc.)
  • What is your avast version/edition? (19.8 Free etc.)
  • What is your OS? (Windows 10 Home 64bit etc.)

Thank you for the fast response. We develop our own mail client in C# using MailKit.
The Avast version is 19.7.2388 (build 19.7.4674.531). We next have to see if we can programatically copy the Avast root vertificate into the trusted store.

I get back to you with results