Encrypted network traffic

If your system is configured to use SSL protocol scanning, a dialog window prompting you to choose an action will be displayed in two situations:

First, if a website uses an unverifiable or invalid certificate, and ESET Endpoint Antivirus is configured to ask the user in such cases (by default yes for unverifiable certificates, no for invalid ones), a dialog box will ask you whether to Allow or Block the connection. If the certificate is not located in the Trusted Root Certification Authorities store (TRCA), it is considered untrusted.

Second, if SSL protocol filtering mode is set to Interactive mode, a dialog box for each website will ask whether to Scan or Ignore the traffic. Some applications verify that their SSL traffic is not modified nor inspected by anyone, in such cases ESET Endpoint Antivirus must Ignore that traffic to keep the application working.


Illustrated examples

The following ESET Knowledgebase article may only be available in English:

Certificate notifications in ESET products

"Encrypted network traffic: Untrusted certificate" is displayed when visiting web pages

In both cases, the user can choose to remember the selected action. Saved actions are stored in the List of known certificates.