Menu
We've started encountering issues browsing to most https sites.
Examples include: https://technet.microsoft.com/, https://mail.google.com/, https://www.mozilla.org/en-US/firefox/new/, https://stackoverflow.com/
It appears that secure sites that we have visited previously work OK. Examples of these include: https://banking.westpac.com.au/, https://www.tppwholesale.com.au/login/, https://au.ingrammicro.com/
The errors we receive are:
ERR_BAD_SSL_CLIENT_AUTH_CERT
SSL_ERROR_ACCESS_DENIED_ALERT
The TLS protocol defined fatal alert code is 49. (These are also logged for Chrome, but not Firefox as it uses the Mozilla NSS encryption library.)We can prevent the problem by disabling TLS1.1 & TLS1.2 and enabling SSL2 & SSL3. As SSL2/3 have known vulnerabilities we want to resolve this issue properly.
Problem has been observed on Win7, Win8.1, Win10 WS2012R2 machines. It's affecting all our laptop computers except one that hasn't been in the office for over a month.
Extensive googling has failed to yield anything helpful - most SSL connection issues that are discussed seem to focus on the server certificate.
The above errors suggest it being an issue with the client certificate that our browsers are sending to the servers, so I have these questions:
I hope there's an SSL/TLS guru out there that can assist!
861
No need to uninstall ESET. Open ESET > Setup > Internet Protection > edit "Web Access Protection" > expand "Web Protocols" > disable "Enable HTTPS Checking".
123
It appears that ESET antivirus is the culprit here. Thanks to Nicolas Rey for flagging this on a Chrome forum (refer https://productforums.google.com/forum/#!msg/chrome/WHw6ow1kGUs/MW3gt1hZEQAJ)
The rollback option that Nicolas suggested didn't help, but uninstalling and reinstalling ESET resolved the issue.
28
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
