ESET Online Help

Search English
Select the topic

Certificates

For SSL communication to work properly in your browsers/email clients, it is essential that the root certificate for ESET be added to the list of known root certificates (publishers). Add the root certificate to known browsers should be enabled. Select this option to automatically add the ESET root certificate to the known browsers (for example, Opera and Firefox). For browsers using the system certification store, the certificate is added automatically (e.g. Internet Explorer). To apply the certificate to unsupported browsers, click View Certificate > Details > Copy to File and then manually import it into the browser.

In some cases, the certificate cannot be verified using the Trusted Root Certification Authorities store (e.g. VeriSign). This means that the certificate is self-signed by someone (e.g. administrator of a web server or a small business company) and considering this certificate as trusted is not always a risk. Most large businesses (for example banks) use a certificate signed by TRCA.

If Ask about certificate validity is selected (selected by default), the user will be prompted to select an action to take when encrypted communication is established. An action selection dialog will be displayed where you can decide to mark the certificate as trusted or excluded. If the certificate is not present in the TRCA list, the window is red. If the certificate is on the TRCA list, the window will be green.

You can select Block communication that uses the certificate to always terminate an encrypted connection to the site that uses the unverified certificate.

If the certificate is invalid or corrupt, it means that the certificate expired or was incorrectly self-signed. In this case, we recommend that you block the communication that uses the certificate.