Kaspersky
Solved

What harm can invalid SSL certificate cause? [Closed]

  • 24 December 2019
  • 9 replies
  • 7702 views

Userlevel 2

Hello,

I’ve been to a site that Kaspersky warned me about not having valid SSL cert. I still went to that site, but right after that left it. I didn’t log in or send any information there, just left it without doing anything. Am I safe?

icon

Best answer by Berny 24 December 2019, 14:31

(the site was a local internet provider site that probably had expired cert, but im not sure)


Also and FYI ,
for further investigation you could eventually proceed with a Qualys SSL Server Test

View original

This topic has been closed for comments

9 replies

Userlevel 7
Badge +9

Hello  @Rimanah,

Welcome!

Certificate warning may be due to a discrepancies, for example: name mismatch, an expired certificate, there can be various reasons.

Kaspersky seeks to protect you at all times. 

Having gone to the site and not entering any data should be relatively safe, if a little unwise.

As most sites store cookies and data, it would be advisable to refresh the browser.

Remember, at the end of the day, if you choose to ignore Kaspersky, the outcome is not always without grief.

Thank you. 

Userlevel 2

I have immediately deleted the browser data(history>delete browsing data>Advanced>DELETE), so does it mean I’m 100% safe? Couldn’t anyone use just the connection to the site to hack me? I ignored the warning, because I thought that I would be unsafe only if I would enter data(that’s why I’m asking). So yeah, am I completely safe now after I deleted browser data?

Userlevel 7
Badge +9

@Rimanah

Kaspersky software works to protect at all times, however, if users choose to ignore Kaspersky warnings, then no-one can expect any software to offer 100% protection. 

If you’ve refreshed the browser, not gone back to the site, have not downloaded any unverified sofware, have used KIS Privacy Wizard, you should be fine, however, if you take risks, be aware of potential consequences. 

When there’s a red traffic light, you don’t drive straight thru an intersection.

Thank you. 

 

Userlevel 2

I havent done anything on the site except leaving IT(didnt enter any data). The ONLY thing Kaspersky Saíd was that the site had invalid SSL cert. So from my understanding, it should be fine if I didnt send any data and deleted cookies And stuff(I also had the Kaspersky Tracker blocker activated). Also the site was then marked with the Green SHIELD when i searched IT in Google And Virustotal had no detections either. I really do Hope thats all I can do to stop a possible(unlikely) Attack(the site was a local internet provider site that probably had expired cert, but im not sure). So should I be still fine? What could possibly happen on a invalid SSL cert site?

Thanks

 

 

 

 

 

Userlevel 7
Badge +9

Hello @Rimanah,

You should be fine, however, it’s always better not to take risks in the first place.

Thank you

Userlevel 2

So just entering a site with invalid SSL cert Is fine(if i didnt enter any data)?

Userlevel 7
Badge +9

@Rimanah 

Kaspersky’s documented advice:

Certificate problem notification when opening a website
Thank you

 

Userlevel 2

Ive read that, but Its too vague. Just a Simple yes or no Is enough. So i repeat: 

So just entering a site with invalid SSL cert Is fine(if i didnt enter any data)?

  •  
Userlevel 7
Badge +8

(the site was a local internet provider site that probably had expired cert, but im not sure)


Also and FYI ,
for further investigation you could eventually proceed with a Qualys SSL Server Test