Hi.
My Comodo Firewall updated the other day, and now I usually get this alert when starting Chrome:
https://help.comodo.com/topic-435-1-841-10769-Understanding-Alerts.html
I click “Protect me and block the website access”…
Then some of my tabs show “Your connection is not private” and “net::err_cert_authority_invalid”
When I selected “net::err_cert_authority_invalid” in order to google it, certificate details appeared, including “Issuer: avast! Web/Mail Shield Root”.
The sites display normally after disabling… Avast > Settings > Components > Web Shield > Customize > Enable HTTPS scanning.
So avast generates its own certificates to access SSL, and Comodo is reporting it as a Man-in-the-middle attack?
Here’s what avast says:
https://blog.avast.com/2015/05/25/explaining-avasts-https-scanning-feature/
When the sites display correctly, the certificate issuer is not “avast! Web/Mail Shield Root”, but something like Symantec or thwate.
So, should I be concerned that avast is accessing my SSL?
Should I get rid of Comodo and use Windows firewall?
Should I disable avast’s SSL scanning?
thx