ssl scanning... Your connection is not private

Hi.

My Comodo Firewall updated the other day, and now I usually get this alert when starting Chrome:

https://help.comodo.com/topic-435-1-841-10769-Understanding-Alerts.html

I click “Protect me and block the website access”…

Then some of my tabs show “Your connection is not private” and “net::err_cert_authority_invalid”

When I selected “net::err_cert_authority_invalid” in order to google it, certificate details appeared, including “Issuer: avast! Web/Mail Shield Root”.

The sites display normally after disabling… Avast > Settings > Components > Web Shield > Customize > Enable HTTPS scanning.

So avast generates its own certificates to access SSL, and Comodo is reporting it as a Man-in-the-middle attack?

Here’s what avast says:

https://blog.avast.com/2015/05/25/explaining-avasts-https-scanning-feature/

When the sites display correctly, the certificate issuer is not “avast! Web/Mail Shield Root”, but something like Symantec or thwate.

So, should I be concerned that avast is accessing my SSL?

Should I get rid of Comodo and use Windows firewall?

Should I disable avast’s SSL scanning?

thx

avast need to use its own certificate or it will not be able to scan TLS/SSL traffic.

If you can use the windows firewall depends on your Windows version.
If you have Windows 7 (or higher), there is no need for a third party firewall.

Avast does do a “Man-in-the-middle” attack in order to scan HTTPS(SSL/TLS) traffic. Seeing the avast generated certificate is normal when running Avast.

If this concerns you, you can disable the avast Web Shield to stop this behavior, but it will increase your exposure to malware sent over secure sites (I do not recommend it).