Kaspersky
Solved

When Opening tor, Kaspersky gives tons of "Cannot garuntee the authenticity of the domain" errors

  • 4 February 2021
  • 3 replies
  • 43 views

With the option Encrypted Connection Scanning set to always scan encrypted connections, each time the Tor Browser tries to establish a connection to a node, Kaspersky warns that either it “Cannot guarantee the authenticity of the domain to which an encrypted connection has been established” or that the “certificate chain is not complete”. I’ve added firefox.exe and tor.exe and all child applications to the Exclusions list, is there something else I can do to make it so that Tor can work with always scan on? I also tried adding 127.0.0.1 to the trusted domains list, but neither of the things I tried were successful.

 

 

Thanks!

icon

Best answer by Flood and Flood's wife 5 February 2021, 12:00

Hello @Shinaolord

Thank you for posting back, the additional information & the images:ok_hand_tone3:

Looking at the images, there are many certificate discrepancies. 

If the software is KAV subscription, not KAV Free, (ioo), before opting to use ”Scan encrypted connections upon request from protection components”, it would be best to log a case with Kaspersky Technical Support, fill in Application malfunctionOther template → image 5; Support will require Traces, logs & other data → they will guide you

 

 

 

 

 

  • After submitting the case, you’ll receive an automated email with an INC+12digits reference number, then, normally, within 5 business days, a Kaspersky Technical Support human will be in touch, also by email, you may continue to engage with the Kaspersky Technical Team via email or by updating the INC in their MyKaspersky account.

When feedback from the Kaspersky Technical Team is available, please share it here in the Kaspersky Community? 

:warning: Note: TOR is not a supported browser, on that basis, Support may say the issue is “out of scope”:thinking:

Thank you:pray_tone3:

Flood:whale: +:whale2:

View original

3 replies

Userlevel 7
Badge +9

Hello @Shinaolord

Welcome back!

Please tell us:

  1. KAV version & patch(x)  → on the Windows Taskbar, rightclick the Kaspersky icon, select About
  2. TOR version?
  3. Windows version & build
  4. Do Windows Updates all have a Successfully applied status? 
  5. Post a full screen image of “Cannot guarantee the authenticity of the domain to which an encrypted connection has been established” or that the “certificate chain is not complete” including the certificate details please? 
  6. & please read: Messages "Certificate verification problem detected" and "Cannot guarantee authenticity of the domain to which encrypted connection is established" when trying to open a website

Please post back? 

Thank you:pray_tone3:

Flood:whale:+:whale2:

I was hoping “Always scan encrypted connections” could be bypassed by excluding certain applications, if not, I can default to the option that it comes on--”Scan encrypted connections upon request from protection components”-- it’s not a big deal, I’d just prefer to have it always scan except for specific applications. I would whitelist the websites, and as this screenshot shows, when trying to connect to a TOR relay, there are quite a random assortment of them when connecting.

 

 

Kaspersky AV Version:  21.2.16.590(b)

Tor Version: 10.0.10

Windows 10 Pro (x64): Build 20H2, 19042.782

 

Does that help? I tried to answer all the questions you asked :) .

Userlevel 7
Badge +9

Hello @Shinaolord

Thank you for posting back, the additional information & the images:ok_hand_tone3:

Looking at the images, there are many certificate discrepancies. 

If the software is KAV subscription, not KAV Free, (ioo), before opting to use ”Scan encrypted connections upon request from protection components”, it would be best to log a case with Kaspersky Technical Support, fill in Application malfunctionOther template → image 5; Support will require Traces, logs & other data → they will guide you

 

 

 

 

 

  • After submitting the case, you’ll receive an automated email with an INC+12digits reference number, then, normally, within 5 business days, a Kaspersky Technical Support human will be in touch, also by email, you may continue to engage with the Kaspersky Technical Team via email or by updating the INC in their MyKaspersky account.

When feedback from the Kaspersky Technical Team is available, please share it here in the Kaspersky Community? 

:warning: Note: TOR is not a supported browser, on that basis, Support may say the issue is “out of scope”:thinking:

Thank you:pray_tone3:

Flood:whale: +:whale2:

Reply / Ответить