Kaspersky
Solved

Certificate warning but site is genuine [website cert is invalid] [HTTPS Everywhere]

  • 22 February 2021
  • 52 replies
  • 547 views

Userlevel 1
Badge

Here we go again !

Previously this happened when following links in emails - this seems to have been fixed - now it’s happening when going from bookmarks.

I don’t believe there is anything dangerous about the site madeiracablecar.com.

What I do know is that ontales.com is a company in Madeira operating tourist activities so it is more than likely that it runs or even owns the cable car, or maybe they just manage the website.

So again we seem to have a case of KIS being over-zealous and just a nuisance.

Please don’t tell me again that this certificate is illegal when there is a clear connection to the owner.

Maybe KIS needs to better understand how companies work in Europe and the UK.

 

icon

Best answer by rufford155 13 March 2021, 17:29

Well I have solved the damn thing at long last, hope you are still with me.

There was no problem with Chrome (or IE) so I compared the extensions I had in Edge to those in Chrome and removed one-by-one those only in Edge and re-tried the bonavacantia.gov.uk site each time - the last one tried solved it !

Eureka!!!!  The culprit was HTTPS Everywhere, so I have removed it permanently.

I have also checked a couple of the other bookmark links and they are all now OK.

Only goes to prove there is always an answer even if you don’t understand the reason for it.

I thank you sincerely for your help and can only apologise for taking up your time.

View original

52 replies

Userlevel 7
Badge +4

What does the error message say?

Userlevel 7
Badge +4

Hello @rufford155 

Also in additional to what @richbuff said, Which browser do you use when KIS report website certification error?

Regards.

Userlevel 1
Badge

What does the error message say?

It said this :- 

Userlevel 1
Badge

Hello @rufford155 

Also in additional to what @richbuff said, Which browser do you use when KIS report website certification error?

Regards.

Edge

Userlevel 7
Badge +9

What does the error message say?

It said this :- 

Hello @rufford155

Thank you for the image:ok_hand_tone3:

  1. Post the screens that are available AFTER Details is selected please?  
  2. Read all documents in, messages "Certificate verification problem detected" and "Cannot guarantee authenticity of the domain to which encrypted connection is established" when trying to open a website

Thank you:pray_tone3:

Flood:whale: +:whale2:

Userlevel 7
Badge +4

What does the error message say?

It said this :- 

Hello,

Please press show details and tell us what's content in it. Thanks.

Regards.

Userlevel 1
Badge

The details just say the certificate is invalid - it’s the standard thing every time.

I have already posted the certificate in my OP.

What else do you need ?

Flood - I know about the other threads and I even had one of my own about it before.

I know I can exclude the affected sites but when it keeps happening it’s just a damned nuisance and I don’t want to stop the checks altogether as KIS might just get it right some day.

I’m beginning to think no-one believes it’s KIS that is over-enthusiastic and needs toning down when it’s clear it is producing false positives.

Userlevel 7
Badge +4

The details just say the certificate is invalid - it’s the standard thing every time.

I have already posted the certificate in my OP.

What else do you need ?

Flood - I know about the other threads and I even had one of my own about it before.

I know I can exclude the affected sites but when it keeps happening it’s just a damned nuisance and I don’t want to stop the checks altogether as KIS might just get it right some day.

I’m beginning to think no-one believes it’s KIS that is over-enthusiastic and needs toning down when it’s clear it is producing false positives.


Hello,

Please go to system certificates manager: win + R , input certmgr.msc and enter. Could you tell me those two certificates expiration time are the same to me or one of them is expired?

Go Daddy Root Certificate Authority

Go Daddy Secure Certificate Authority

Regards.

Userlevel 7
Badge +4

And how about the expiration time of “Kaspersky Anti-Virus Personal Root Certificate”?

Regards.

Userlevel 1
Badge

Both GoDaddy expiry dates are the same as yours.

There is no GoDaddy in the intermediates.

Kaspersky personal is 2030.

Userlevel 7
Badge +4

Both GoDaddy expiry dates are the same as yours.

There is no GoDaddy in the intermediates.

Kaspersky personal is 2030.


Hello,

  1. Do you have only one Kaspersky Anti-Virus Personal Root Certificate in Trusted certification Authorities, right ?
  2. What KL product do you use?
  3. Could you access this website: https://certs.godaddy.com/repository/

Regards

Userlevel 1
Badge
  1. One
  2. KIS 21-2-16-590(b)
  3. Sorry, I can’t be bothered

You seem to think there’s something wrong with my set-up when clearly KIS is over sensitive and giving false positives.

I am ending this thread and going to support.

Userlevel 7
Badge +4
  1. One
  2. KIS 21-2-16-590(b)
  3. Sorry, I can’t be bothered

You seem to think there’s something wrong with my set-up when clearly KIS is over sensitive and giving false positives.

I am ending this thread and going to support.


Hello,

No, My suspicion is that there is a problem on the network CDN node, not the Kaspersky setup. If you can access https://certs.godaddy.com/repository/ , This can be considered as there is no problem in requesting the digital signature authentication link.

I think the digital signature in CDN network node is invaild. From my side, this website could be access without any digtial signature issue with KL product. But for you, Something goes wrong. Maybe wait for serval days, It will be OK, maybe not. I think KL support couldn’t resolve this type issue.

If this issue persist, Please add a exclusive rule for this website:

https://support.kaspersky.com/common/safemoney/12489#block4

Regards.

Userlevel 1
Badge

But it’s not just that website - it’s lots of them !

I had a good example yesterday, Reid’s Hotel in Madeira that KIS didn’t like. The certificate was issued to Belmond who are the parent company that owns the hotel and therefore by implication the website.

But KIS is not able to recognise cases like this which is why there are so many false positives.

I was going to post the certificate here but I discovered today that, having clicked through to the site anyway by accepting the risks, KIS no longer flags it up - so it seems it does at least remember my previous choice.

Userlevel 3
Badge

@rufford155 

As you may have noticed from my recent post on this forum, I too have been suffering from Certificate problems. I’ve also noted that pressing a “wrong” button on  the error message tends to inhibit further flagging. I’ve taken to making a KIS Configuration backup - thus if the error vanishes it can be repeated by restoring the KIS config using the backup.

Hope this helps with a vexing problem.

Fortunately mine, at present, seems to occur with only one site.

Userlevel 7
Badge +4

Hello,

Could you give more website occured this issue? Let us check what the problem it is?

Regards.

Userlevel 7
Badge +4

Hello, @rufford155 

Reid’s Hotel in Madeira

This website? https://www.belmond.com/hotels/europe/portugal/madeira/belmond-reids-palace/

It seems No problem related to digital certification issue at all. is it?

Regards.

Userlevel 1
Badge

Hello, @rufford155 

Reid’s Hotel in Madeira

This website? https://www.belmond.com/hotels/europe/portugal/madeira/belmond-reids-palace/

It seems No problem related to digital certification issue at all. is it?

Regards.

Well there won’t be a problem if you start at Belmond itself who have the certificate.

But when you have reached Reids Hotel, bookmark that page > close browser > reopen browser > Find and click your Reids bookmark.

What happens then ?

Userlevel 1
Badge

@rufford155

As you may have noticed from my recent post on this forum, I too have been suffering from Certificate problems. I’ve also noted that pressing a “wrong” button on  the error message tends to inhibit further flagging. I’ve taken to making a KIS Configuration backup - thus if the error vanishes it can be repeated by restoring the KIS config using the backup.

Hope this helps with a vexing problem.

Fortunately mine, at present, seems to occur with only one site.

Thanks for that and I’m glad you are managing it, as I am too.

But I’m pleased to find someone on here who actually believes me !

Userlevel 7
Badge +4

Hello, @rufford155 

Reid’s Hotel in Madeira

This website? https://www.belmond.com/hotels/europe/portugal/madeira/belmond-reids-palace/

It seems No problem related to digital certification issue at all. is it?

Regards.

Well there won’t be a problem if you start at Belmond itself who have the certificate.

But when you have reached Reids Hotel, bookmark that page > close browser > reopen browser > Find and click your Reids bookmark.

What happens then ?


Hello,

Could you provide me the url for “Reids Hotel”? I don’t know where it is, bro.

Regards.

Userlevel 1
Badge

Sorry, I thought you said you had been there via belmond.com ?

Otherwise, google it maybe.

Userlevel 7
Badge +4

Sorry, I thought you said you had been there via belmond.com ?

Otherwise, google it maybe.


Hello,

I don't know what you mean. Please tell us the reproduce issue step in details, Thanks.

Regards.

Userlevel 1
Badge

This is what you said :

Reid’s Hotel in Madeira

This website? https://www.belmond.com/hotels/europe/portugal/madeira/belmond-reids-palace/It seems No problem related to digital certification issue at all. is it?

So you had found the hotel web page hadn’t you ?

Then this is what I said :

Well there won’t be a problem if you start at Belmond itself who have the certificate.But when you have reached Reids Hotel, bookmark that page > close browser > reopen browser > Find and click your Reids bookmark.What happens then ?

I don’t know how to put this any differently !

Userlevel 7
Badge +4

This is what you said :

Reid’s Hotel in Madeira

This website? https://www.belmond.com/hotels/europe/portugal/madeira/belmond-reids-palace/It seems No problem related to digital certification issue at all. is it?

So you had found the hotel web page hadn’t you ?

Then this is what I said :

Well there won’t be a problem if you start at Belmond itself who have the certificate.But when you have reached Reids Hotel, bookmark that page > close browser > reopen browser > Find and click your Reids bookmark.What happens then ?

I don’t know how to put this any differently !


Hello,

I make a screen video record on trying to reproduce the issue you have encountered, Unfortunatly, I couldn't. Do I do something wrong?

https://cloud.qainfo.ru/s/Eqg3DiPXXL7hONQ

Regards.

Userlevel 7
Badge +9

Hi @Wesly.Zhang,

We did the test last night & again tonight:

 

 

Thank you:pray_tone3:

Flood:whale:+:whale2:

 

Reply