How to disable Certificate protection

[Neptune]

Hello,

We have KSC 11.0.0.1131 with 300 clients KES 11.1.1.126.

Since the 11.1 update we’re receiving a kaspersky notification page when we visit local webpage or internet website with wrong certificate. This is acceptable. Unfortunatly sometimes we see this error even on perfectly fine website like google.com (see attachement)

I don’t understand why this happen but i want to DISABLE this certificate checking function, it’s causing too many problems. For example it’s impossible now to see the expiring date of our certificates on our website.

I searched everywhere on KSC, checked the help and search online. How to completely disable this function?

Thanks

 

[raviparker]

Hey,

Please go to the respective KES policy « then go to general setting« network settings and uncheck encryted connection. Hope this helps.

 

 

[Alexey]

Hey,

Please go to the respective KES policy « then go to general setting« network settings and uncheck encryted connection. Hope this helps.

 

 

Be carefull, because this option disable inspection of all https traffic, before you try this you can try to add Trusted domains by ip or dns name. If it doesn’t help uncheck encrypted connection.

Or create policy profile to use this options on necessary groups of computers.

[Neptune]

Thanks raviparker! It works!

 

Anyone understand how it’s possible that it “works” even on google.com like in the attachement? I’m not happy to disable a protection component but I can’t populate a whitelist with all the website on the web.

[Alexey]

Thanks raviparker! It works!

 

Anyone understand how it’s possible that it “works” even on google.com like in the attachement? I’m not happy to disable a protection component but I can’t populate a whitelist with all the website on the web.

As we suggested, Kaspersky certificate is introduced into the inspection of https and the sites does not like it, that something try to inspect already secure traffic….

[raviparker]

Thanks raviparker! It works!

 

Anyone understand how it’s possible that it “works” even on google.com like in the attachement? I’m not happy to disable a protection component but I can’t populate a whitelist with all the website on the web.

Don’t worry about the protection, unchecking this option doesn’t makes you vulnerable. Also, scanning encrypted connection is little bit resource intensive and may make your web experience slow on legacy hardware.

[Neptune]

Ok thanks, I’m keeping it disabled and test how it works.

Any further idea or suggestion from community is apreciated.

[aehrlich]

I’ve encountered this “untrusted certificate” error messages if the remote site was actually inaccessible; I guess “error setting up tls with remote site for _any_ reason” results into such an error page presented by Kaspersky, too.

[tmkguy]

Hello,

We have KSC 11.0.0.1131 with 300 clients KES 11.1.1.126.

Since the 11.1 update we’re receiving a kaspersky notification page when we visit local webpage or internet website with wrong certificate. This is acceptable. Unfortunatly sometimes we see this error even on perfectly fine website like google.com (see attachement)

I don’t understand why this happen but i want to DISABLE this certificate checking function, it’s causing too many problems. For example it’s impossible now to see the expiring date of our certificates on our website.

I searched everywhere on KSC, checked the help and search online. How to completely disable this function?

Thanks

 

In response to this request, raviparker gave a good answer that should work, but his first instructions were this: “ Please go to the respective KES policy “

 

I don’t know how to find this.  I’m not sure what the “respective KES policy” is in this case.  I do not have Kaspersky secure connection enabled but still get this message. Anyway, I just want to know how to get to the page he has pictured.  In my case, it is facebook.com that is the “unsecure” website.

[Alexey]

Hello,

We have KSC 11.0.0.1131 with 300 clients KES 11.1.1.126.

Since the 11.1 update we’re receiving a kaspersky notification page when we visit local webpage or internet website with wrong certificate. This is acceptable. Unfortunatly sometimes we see this error even on perfectly fine website like google.com (see attachement)

I don’t understand why this happen but i want to DISABLE this certificate checking function, it’s causing too many problems. For example it’s impossible now to see the expiring date of our certificates on our website.

I searched everywhere on KSC, checked the help and search online. How to completely disable this function?

Thanks

 

In response to this request, raviparker gave a good answer that should work, but his first instructions were this: “ Please go to the respective KES policy “

 

I don’t know how to find this.  I’m not sure what the “respective KES policy” is in this case.  I do not have Kaspersky secure connection enabled but still get this message. Anyway, I just want to know how to get to the page he has pictured.  In my case, it is facebook.com that is the “unsecure” website.

 

It is active working KES policy in KSC.

You should connect to you KSC mmc console, then open your administering server, then controlled devices.

Then go to the page “Policy” (on my screenshoot) => right click properties, and then general settings => network settings