Menu
What's new
By:
Filters Better Search

AB-Solution webpage/antivirus problems

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Firefox handles certs differently; you have to import the cert into it, while Chrome and IE use the cert imported into windows--did you do that?
 
I did that long time ago and it didn't work... eset will still shownpop ups
kfp said:
Just to add to the above, you probably need to import the cert into ESET as well to be able to turn on the TLS feature again without it blasting warnings.
Click to expand...

Sent from S.G. S9+ Duos
 
Last edited:
I followed these instructions...
  1. Open your browser and visit http://192.168.1.2/ca.crt.
  2. Select "Trust this CA to identify websites" on the screen pop-up (I also ticked the e-mail box as I wasn't sure if that was needed as well).
  3. Click "Ok"
I'm still getting the error message as you can see. Also, I followed the procedure for Chrome on my daughter's laptop, but I didn't see any mention of a keychain as per these instructions...
  1. Double click on `ca.crt' to start Keychain's import wizard.
  2. Select keychain "system" and click "Add".
By the way, what is the difference between a "CA" and a "cert"? The instructions refer to a "CA Certificate".
 

Attachments

  • 001.jpg
    001.jpg
    40 KB · Views: 484
TheLyppardMan said:
By the way, what is the difference between a "CA" and a "cert"? The instructions refer to a "CA Certificate".
Click to expand...
I just realized the language I used was confusing, and have modified my comment to clarify.

When you set up an HTTPS server (pixelserv-tls is one) you will be creating two certs, one for the server itself and one as a CA that would sign/certify the previous one, hence the distinction.

I was just wondering if the wrong cert was imported so @sentineldvx is still seeing cert errors in ESET.
 
kfp said:
I just realized the language I used was confusing, and have modified my comment to clarify.

When you set up an HTTPS server (pixelserv-tls is one) you will be creating two certs, one for the server itself and one as a CA that would sign/certify the previous one, hence the distinction.

I was just wondering if the wrong cert was imported so @sentineldvx is still seeing cert errors in ESET.
Click to expand...
Could be[emoji39], I'll try again and update

Sent from S.G. S9+ Duos
 
So based on all the above, what do I need to resolve this issue? Also, I have received a reply from ESET at follows, but I'm not sure it makes much sense (to me at least):-

------------ Begin Quote ------------

Thank you for contacting ESET Technical Support.

Disabling SSL scanning does present an increased risk and is not recommended. It should be possible to allow the untrusted certificate by following the instructions in this article - https://support.eset.com/kb6407

Alternatively, you should be able to add the certificate and set it to allow, via ESET > Setup > Advanced Setup > Web And Email > SSL/TLS > List of known certificates (Edit) > Add - https://help.eset.com/eis/11.1/en-US/idh_config_epfw_ssl_known.html

If you have any problems or require any further assistance then please feel free to call us on 01202 405 405 and select option 3, one of our technical staff should be able to help. Our opening hours are 08:30-20:00 weekdays. It would be helpful if you could be at this page when you call: https://www.eset.com/uk/remote-support/

------------ End Quote ------------
 
I've probably just had about 50-60 popups from my AV, while trying to get to this page to add this additional message. I'm uploading just one example of what I am seeing.
 

Attachments

  • 008.jpg
    008.jpg
    48.2 KB · Views: 487

Attachments

  • 009.jpg
    009.jpg
    25.4 KB · Views: 394
TheLyppardMan said:
This is the add page in the GUI. What steps do I need to follow and what will this achieve?
Click to expand...

File > select your pixelserv ca.crt > select ‘Allow’ and click OK to confirm. That will import the CA into ESET so that it knows not to flag it. You then won’t see pop-ups even with SSL/TLS capabilities enabled.
 
kfp said:
File > select your pixelserv ca.crt > select ‘Allow’ and click OK to confirm. That will import the CA into ESET so that it knows not to flag it. You then won’t see pop-ups even with SSL/TLS capabilities enabled.
Click to expand...
Where do I find the Pixelserv certificate?
 
I've managed to install it with the URL option, but it still hasn't solved the problem.
 

Attachments

  • 001.jpg
    001.jpg
    42.3 KB · Views: 366
Restarting ESET makes no difference. I'm not going to waste any more time on this as it clearly causes more problems than it solves. I'll just use it for mobile devices and use uBlock Origin plug-in for Firefox.
 
TheLyppardMan said:
I followed these instructions...
  1. Open your browser and visit http://192.168.1.2/ca.crt.
  2. Select "Trust this CA to identify websites" on the screen pop-up (I also ticked the e-mail box as I wasn't sure if that was needed as well).
  3. Click "Ok"
I'm still getting the error message as you can see. Also, I followed the procedure for Chrome on my daughter's laptop, but I didn't see any mention of a keychain as per these instructions...
  1. Double click on `ca.crt' to start Keychain's import wizard.
  2. Select keychain "system" and click "Add".
By the way, what is the difference between a "CA" and a "cert"? The instructions refer to a "CA Certificate".
Click to expand...

Keychain is an Apple feature on Mac platform. If you aren't using macOS, you won't find it.

If you're using macOS, double click on "ca.crt" in your download directory that you've downloaded through "http://pixelserv ip/ca.crt" will launch Keychain.

TheLyppardMan said:
Where do I find the Pixelserv certificate?
Click to expand...

When you click on any URL that triggers a download action, on almost all desktop OS, the downloaded file is stored in your download directory.

So to re-iterate. e.g. when you click "http://pixelserv ip/ca.crt", the file ca.crt (also known as Pixelserv CA certificate) is downloaded and saved in your PC's download directory. You'll find the certificate there.
 
kvic said:
Keychain is an Apple feature on Mac platform. If you aren't using macOS, you won't find it.

If you're using macOS, double click on "ca.crt" in your download directory that you've downloaded through "http://pixelserv ip/ca.crt" will launch Keychain.



When you click on any URL that triggers a download action, on almost all desktop OS, the downloaded file is stored in your download directory.

So to re-iterate. e.g. when you click "http://pixelserv ip/ca.crt", the file ca.crt (also known as Pixelserv CA certificate) is downloaded and saved in your PC's download directory. You'll find the certificate there.
Click to expand...
Thanks. I realised that files are usually downloaded to the user's downloads directory, but what I hadn't realised was that visiting the above URL was actually downloading a file to my PC. Anyway, I've just tried again and it seems that it's already installed somewhere (see screenshot 1), but either way, it hasn't solved the problem, so I'm going to leave it switched off wherever I have the option to use a browser-based ad filter. This is easy to achieve with the Merlin firmware (screenshots 2 & 3).
 

Attachments

  • 001.jpg
    001.jpg
    38.1 KB · Views: 468
  • 002.jpg
    002.jpg
    23.6 KB · Views: 454
  • 003.jpg
    003.jpg
    24.4 KB · Views: 275
You must log in or register to reply here.
Similar threads
Thread starter Title Forum Replies Date
garycnew [SOLUTION] WAN_Connection: ISP's DHCP did not function properly Asuswrt-Merlin 2
M Internal or External Captive Portal Solution Asuswrt-Merlin 8

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 831 (members: 15, guests: 816)
Top