[KB6672] Certificate notifications in ESET home and small office products for Windows

Issue

Solution

SSL/TLS protocol filtering and root certificates

SSL/TLS protocol filtering allows ESET home and small office products for Windows to scan for threats in communications that use the SSL/TLS protocols. SSL/TLS protocol filtering is enabled by default in all ESET home and small office products for Windows.

We recommend that you keep this setting enabled to ensure that your ESET security product provides you with the maximum level of protection. To disable or re-enable SSL/TLS protocol filtering for troubleshooting purposes, manage SSL/TLS protocol filtering.

When SSL/TLS protocol filtering is enabled, your ESET security product adds ESET root certificate to your local machine. The ESET root certificate is trusted and valid, and it allows your product to scan SSL traffic to verify if other certificates are also trusted and valid. If your product detects an untrusted or invalid certificate, we will alert you with one of several notifications.

Review the notifications below for more information.


ESET certificate notifications

Website certificate revoked

This notification alerts you that the security certificate for a website is expired, the security certificate has been revoked by the issuing Certificate Authority, or that the issuing Certificate Authority itself has been revoked.

Read more about Website certificate revoked notification.

Figure 1-1
Encrypted network traffic: Untrusted certificate
Certificate validity of websites

If a website has one or more certificates, the administrator or the owner of that website should ensure that all of its certificates are valid. When ESET alerts you about an invalid certificate on a website, it is up to the website to correct the issue. ESET is not responsible and cannot resolve these types of issues.

This notification alerts you that a certain application is trying to communicate over a channel encrypted with an untrusted certificate. You may also receive this notification when an ad with an invalid certificate tries to load on a website.

Read more about Encrypted network traffic: Untrusted certificate notification.

Notification appearance might be different based on the product settings.

Figure 1-2
Figure 1-3
Activation failed / Error Code: ECP.20031

This notification alerts you that outdated or insufficient security certificates were encountered during the installation of your ESET security product.

You can find the Error Code in the bottom right corner of the product window.

Read more about the certificate validation failure during installation or activation of ESET products.

Figure 1-4

Non-ESET certificate notifications

Connection is untrusted / sec_error_reused_issuer_and_serial error message

These notifications come from your browser rather than your ESET security product.

Verify that you have SSL/TLS protocol filtering enabled in your security product.