Jump to content

Trusted address settings ignored


Recommended Posts

Posted

All of the devices in my home lab (router, switches, servers, etc) use a hostname in the “mydomain.site” domain.  I have entered this int the KIS’s “trusted Addresses” and URL Advisor’s Exclusions.  Yet every time I connect to one of the devices, KIS pops up a “untrusted site blocked” page, and I have to click past that and the next two KIS pop-ups to get to the device.

What does it take to get KIS to believe me?

Posted

“mydomain.site” domain. 

 

Welcome.  

Please try this ?
Settings → Additional → Network → Trusted addresses →  Add Domain name → Save

Posted

I do not have 

Settings → Additional → Network → Trusted addresses →  Add Domain name → Save

However,  I do have

Settings → Network Settings → Trusted addresses →  Add Domain name → Save

And I’ve already added the domain to the list, and made sure the entry is ‘Active’, and rebooted my computer to make sure KIS gets restarted.

Igor Kurzin
Posted

Hi @BudTheGrey , 

To make sure we are on the same page, can you post a screenshot of the Trusted addresses, the error message when connecting to one of the local devices (so that URL in the browser address bar is visible as well)? 

Posted

Pics.  Could not get a screen shot of the last screen “kaspersky: are you sure you want to visit this untrusted site”, because it is a system modal box and will not let the screen cap program activate

 

Igor Kurzin
Posted

Thank you for the screenshots.

To fix this, please add subdomains to Trusted addresses as well, e.g. pfsense.thedurlands.site. 

  • Like 1
Posted

That’s not a domain, that’s a host.  I should just be able to enter *.thedurlands.site

  • 2 weeks later...
Wesly.Zhang
Posted
On 3/18/2022 at 7:18 AM, BudTheGrey said:

That’s not a domain, that’s a host.  I should just be able to enter *.thedurlands.site

Hi @BudTheGrey

Have you resolved this issue by yourself via add *.thedurlands.site to trusted address ? Please let me know, thanks.

Regards.

  • Like 1
  • 3 weeks later...
Posted

Same problem here. Tried everything. Also the trusted certificates part is totally ignored. Tried settings, rebooting.... everything..... sometimes it had accepted...but after some logon's to the trusted server...the "untrusted page" message is there again. (And that's without rebooting the system or any other changes) Seems KTS is ignoring every setting I make...

 

Posted

Try adding the mask: *thedurlands.site or even *thedurlands*

  • Like 1
Posted

Thank you Harlan4096 for your quick reply.

But * and ? is not accepted 

image.png.b5cd15fd160c17b3e9742df4b093adab.png

 

 

 

Posted

Also it is very annoying I have to connect my PC always online because otherwise KTS is complaining all the time it can not be updated.....

I don't want to have my system always online so I changed update to weekly so I hoped it wouldn't complain every day and I could update by hand every day when Online. But still KTS is complaining with many messages in the windows sidebar. And KTS is sometimes restarting.......giving messages in windows the Securitysuite has switched off... I suspects KTS does this because it was unable to connect to the servers to update....

Why is the setting weekly update there if it is also ignored?

But please correct me when i'm wrong...

Wesly.Zhang
Posted

Hello, @appie

Could you take a screenshot on the message?Upload here.

Regards.

Posted
54 minutes ago, appie said:

Thank you Harlan4096 for your quick reply.

But * and ? is not accepted 

image.png.b5cd15fd160c17b3e9742df4b093adab.png

 

 

 

It's working here, but I'm using upcoming K.Plus MR6 RC:

 

image.png.925fa77068f0261e9506fb1111d60b6d.png

  • Like 1
Posted

As you can see it does Not work in KTS21.3.10.391(i) latest updated version. Screenshot dutch but the same page as you used.  

The certificate issue is getting worse and worse....suddenly Kaspersky TS is getting me in some loop where I can say I want to go further to the "untrusty" selfsigned-certificate page but when I agree......I land on the first page where is stated the site has no valid certificate......

And it ignores completely when I add trusted Base-certificates of put the addresses in trusted domain

I am about to delete Kaspersky, it is behaving unstable and not reliable. Every day it behaves different and I can not do my work anymore.

Can someone please help me solve this problem or help me delete KTS (because that seems also impossible. Uninstall hangs and will not continue)?

Thanks in advance

 

  • Like 2
Wesly.Zhang
Posted

Hello, @appie

Have you ever tried to add a self-signed certificate to the system's trusted root certificate store? This may be able to solve your problem.

  • Like 1
Posted

Hi Flood and Flood's Wife. 

Thank you for your reply. 

I have uninstalled several times but windows will not allow me to manage firewall or other security options cause it is "managed by my organisation" (or some alike error-message) This has started since the first KTS install. Never get rid of it...not with help of the support...after all I installed KTS again because Windows Firewall and anti-malware did not function. A clean windows install should work but if that's the only way to get configuration rights back on windows  it will be the end of the very long relationship between Kaspersky Security products and me.

On this moment when I start uninstall KTS it starts and the progression-bar fills until almost the end and than...I waited for about 30 minutes without any change and stopped the uninstall. Afterwards KTS was fully functional. I think after cancelling uninstall it performed a complete rollback?

Seems like uninstall is not working the way it should. Or is an uninstall of more than 30 minutes usual?

Posted

Hi Wesly.Zhang,

Thank you for your reply.

I have tried adding self-signed certificates in many ways. But KTS completely ignores it.

To test I have even tried an official Amazon certificate and adding amazon in many forms (amazon.com, www.amazon.com etc. because * is NOT accepted)  in the trusted addresses. Secure banking and parental control are switched off.

But even in this case the Kaspersky root certificate is placing itself between the amazon-certificate. 

When I switch off "encrypted connection scan" and restart the browser I get the page with the certificate-path of Amazon without the Kaspersky root Certificate.

But when I turn on "encrypted connection scan" and restart the browser the Kaspersky root certificate has nested itself again between all encrypted connections.

Is turning off "encrypted connection scan" the only way to make an encrypted connection with a known and trusted site without having KTS in between?

Encrypted connections are the standard today also on untrusty sites so "encrypted connection scan" is highly preferable at most of the connections.

But it's kind of strange it seems to be so extremely difficult (or even impossible) to setup KTS for not scanning trusted sites (where interference of KTS is unacceptable)

 

btw: forum.kaspersky.com does not have the Kaspersky Anti-virus personal root certificate inbetween.... that stated forced setting works always withoud any questions:

 

image.png.bbece78018a1aecb18d856da63aa7003.pngimage.png.392793063b7aa569e31e70dafde5817b.png

image.png

Posted

And when everything is entered......

image.thumb.png.062ee5d399ca3560769821aea5f8efd8.png

 

Kaspersky Anti-Virus Personal Root Certificate is still in the connection-chain

Flood and Flood's wife
Posted
57 minutes ago, appie said:

Hi Flood and Flood's Wife. 

Seems like uninstall is not working the way it should. Or is an uninstall of more than 30 minutes usual?

Hello @appie

You're most welcome!

Without knowing your machine it's not possible to say conclusively, but, ordinarily, standard uninstalls do not take a long time; we would consider such a process longer than 30 minutes to be not quite right - however; from your reply it seems you may have engaged Kaspersky Support, is that correct? 

IF "yes", have they done any analysis of the machine or the original issue? 

Please let us know? 

Thank you?

Flood?+?

Wesly.Zhang
Posted

Hello, @appie

You don't know what I said about add self certiticate into system root certificate store. 

I suggest you do the following step :

Ctrl+R --> certmgr.msc --> select trusted root certificate .... --> import...-->Follow the on-screen prompts to complete the certificate import -->close all browers, try again.

Regards.

 

  • Like 1

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now


×
×
  • Create New...