Cannot bypass "Connection not protected "

[dirtrunner]

Hello, It started around two weeks ago, option to bypass "Connection not protected" - "I understand the risks and wish to continue", when using a self-signed certificate was gone. I used the option and 10 minutes later i wanted to use the option to bypass again and it was not there anymore. So i talked to the support and they told me to upgrade vom KIS 19.xx to 20.xxx . The Version im currently using is 20.0.14.1085 (d) on Microsoft Windows 10 x64 Build 17763. After upgrading KIS the option was back and usable. Today, to weeks later, i was working on my homeserver and tried to connect to it, i saw the message "Connection not protected" , i clicked "I understand the risks and wish to continue" - worked fine. Ten minutes later i tried to connect again and the message "Connection not protected" showed up, but again, the same as two weeks ago, the bypass option didn't appear. I using Firefox 69.0.3 (64-Bit). I also tried it with a second computer also with KIS, Win10 and Firefox and on this computer everything worked fine. Can you help me? I want the bypass option to appear again. Greetings Dirtrunner

[Flood and Flood's wife]

Hello dirtrunner, Welcome! So I don't get confused, I'll label the devices, Dev1 & Dev2.

1. Have you contacted Technical Support again, it's a recurring issue, what is their current advice?
2. Have Technical Support analysed the data from your devices?
3. Has an exclusion been added?
4. Does the issue only happen when connecting to homeserver?
5. Is Dev2 also MS10x64, 1809, 17763/KIS 20.0.14.1085(d)/Firefox software?
6. Please export the KIS Report, leave All Events as default, select the period where "Connection not protected" events are logged, export the report, save as text file and upload to your reply using the Upload icon?

Thank you.

[dirtrunner]

Hello FLOOD, thank you for you response :)

1. No, i have not. I'm going to call them tomorrow morning. The last advices i got from them, were to put the the url on the exceptionlist and/or to upgrade to 20.xxx. I asked for a solution to just have the bypass-option back, but they could'nt help. They just gave the upgrade and the exceptionslist option, i think the don't really wanted to solve the problem, just wanted to work around (in my opinion).
2. No, they haven't
3. I'm not sure if i got that right. You mean to add the url/ip to the exceptionlist (or whitelist)? Yes they showed told me how to do it. And it worked, but i just want the bypass option back. I connect to different "servers"/devices without a correct certificate and i don't want to whitelist them all again,
4. The Homeserver in this case is a raspberrypi, since i got the problem the first time i installed the "server" completly new. But at the moment, i have no other server to test it. I tried badssl.com but for all cases the option "I understand the risks and wish to continue" showed up.
5. Dev1 is the one with the problems, i did a Windows-Update since my last post: KIS 20.0.14.1085 (d) on Microsoft Windows 10 x64 Build 18362, was 19.xxx before the upgrade. But had also the problems with 19.xxx. Firefox 69.0.3 (64-Bit). Dev2 is the one which is working all the time: KIS 19.0.0.1088(h) on Microsoft Windows 10 x64 Build 18362 and Firefox 69.0.3 (64-Bit).
6. I had to anonymize the homeserver url to "xxxx.homeserver.url" . Is the uploaded part enough or do you need more?

Hope you can help me :)

[Flood and Flood's wife]

Hello dirtrunner, Thanks for replying and you're welcome!

1. Please upload the original report to cloud & pm me the link?
2. Copy the full history of the INC, upload to cloud & pm me the link?

1. Is the issue happening using an application (connecting to the "homeserver") or is it happening with Firefox browser?
2. Can you explain, expand "homeserver" information, it's not clear?

A workaround, that doesn't work, is not a solution. ?Replicate the issue & at the same time run traces, collect logs and data and escalate back to the Lab, tell them to help you? Please post back? Thank you.

[dirtrunner]

Hello FLOOD, thanks for your response :) Yes, i can do it tomorrow when im back on the computer :) What do you mean with "the full history of the INC"?

1. Its happening when i try to open the webinterface of the "homeserver" with firefox.
2. The homeserver is in this case a raspberry pi, with the latest raspbian and nextcloudpi, so a little cloudserver. I have the problem when i'm trying to open the nextcloud webinterface with firefox.
3. The problem is the certificate is registred to the DynDNS url used to connect to the server from the outside of my network. So when i tried to enter the webinterface directly from my network via the intern IPv4, the certificate name doesn't match url. Hope you know what i mean.

Yes, i'm going to call tomorrow morning, i will keep you informed, about their solution :) PS: English is not my mother tongue. For this reason I apologize for any inaccuracies.

[Flood and Flood's wife]

Hello dirtrunner, English is my mother tongue & I still get it "wrong"! Don't worry, you're doing great:clap_tone3:, if you hadn't mentioned MT I would never have known! --

1. May I have the Report (again) please, select All Events - 7 days, export, do not modify the report, upload to cloud & pm the link please?
2. INC# - the request number allocated, by the Lab, for the issue.
3. Have all your interactions (with the Lab) been by phone?
4. Do you have a"trail" of the INC/history, emails? I really need to see a complete history please?
5. Have you added an exclusion for the homeserver?
6. Is the issue only happening when using Firefox browser, does or does not happen if other browsers are used?
7. Has the Lab told you how to collect Traces, GSI/Windows Logs, Reports, images?
8. Please carefully check the documents at the end of my reply, you may have already used the doco, if so that's fine.

Please post back? Thank you. Secure traffic control error in the Mozilla Firefox or Thunderbird How to add the Kaspersky Lab root certificate to the Mozilla Firefox or Thunderbird certificate storage How to troubleshoot security error codes on secure websites

[dirtrunner]

Hello FLOOD, thanks for the respone and the compliment :)

1. I checked my mails again and saw that they requested more informations from me via mail. They didn't told me on the phone that they would need more informations. So I did not expect this e-mail and therefore overlooked it. I'm going to call them tomorrow and ask if i can still reply, because it seems that they closed the case. INC000010841689
2. I had two contacts with the support about 2 weeks ago, both one day. After upgrading to 20.xx i had no problems until yesterday. But i have to say, i didn't worked much with cloud.
3. I only have the two mails, where they are asking for more informations and the one that they closed the case. In the first mail they asked for a screenshot, the systemreports with GetSystemInfo6.2.exe and told me to install the lastest KIS-Version.
4. Yes, i had an exclusion before upgrading to 20.xxx and it worked fine, the message "Connection not protected", but i reset all settings before upgrading to 20.xx. After the upgrade the message ""Connection not protected" but the bypass-option was available so everything was fine for me until yesterday, when the bypass-option was suddenly no longer available.
5. The Issue is also happening when using Micrsoft Edge.
6. In the e-mail are informations about creating a report with GetSystemInfo6.2.exe

I'm going to read the informations you send in the morning, i only have 3 hours left, to sleep a little. Thank you so much for your help. I will post back tomorrow, after calling the support and reading documents :) Greetings Dirtrunner

[Flood and Flood's wife]

Hello dirtrunner, You are very welcome!

1. (imo) log into your MyKaspersky account, create a new INC.

The Lab will not reopen INC000010841689, they will raise a new INC, however, only INCs raised in MyK accounts can be tracked by Customers, any INCs raised by phone or online chat do not show up in our MyK requests queue and verbal comms are not sufficient to cover issues such as this.

1. I will add a few steps for you to collect the data you need to attach to your new INC.

1. Take your time:wink:, after you've rested:sleeping:, upload (to cloud) the unedited, All Events, 7 days Report & pm the link?

Thank you:pray_tone3:

[Flood and Flood's wife]

Hello@dirtrunner,

I hope you had a good rest? I had a 😴 too😉

Data collection for your (resubmitted/new INC):

GSI & windows Logs - save zip folder to desktop.

Un-modified KIS Report.

Images

Log into your MyKaspersky account, raise a new incident, choose template Application Malfunction, Incompatability with 3rd Party Software, add full problem details, history, include (reference) INC000010841689, upload the GSI/Windows Logs, KIS Report, images, tell the Lab the issue is not resolved.

Ask the Lab to help? (The Lab may ask for Traces captured when the issue is replicated, they will guide you with this is it’s required ).

Please let us know the outcome?

Thank you🙏

[Wesly.Zhang]

Hello,

Was it solved?

Regards.