With the option Encrypted Connection Scanning set to always scan encrypted connections, each time the Tor Browser tries to establish a connection to a node, Kaspersky warns that either it “Cannot guarantee the authenticity of the domain to which an encrypted connection has been established” or that the “certificate chain is not complete”. I’ve added firefox.exe and tor.exe and all child applications to the Exclusions list, is there something else I can do to make it so that Tor can work with always scan on? I also tried adding 127.0.0.1 to the trusted domains list, but neither of the things I tried were successful.
Best answer by Flood and Flood's wife
Thank you for posting back, the additional information & the images
Looking at the images, there are many certificate discrepancies.
If the software is KAV subscription, not KAV Free, (ioo), before opting to use ”Scan encrypted connections upon request from protection components”, it would be best to log a case with Kaspersky Technical Support, fill in Application malfunction, Other template → image 5; Support will require Traces, logs & other data → they will guide you
- After submitting the case, you’ll receive an automated email with an INC+12digits reference number, then, normally, within 5 business days, a Kaspersky Technical Support human will be in touch, also by email, you may continue to engage with the Kaspersky Technical Team via email or by updating the INC in their MyKaspersky account.
When feedback from the Kaspersky Technical Team is available, please share it here in the Kaspersky Community?
Note: TOR is not a supported browser, on that basis, Support may say the issue is “out of scope”