[KB3487] Allow SSL communication with specific online services and wireless devices in ESET Windows home products

Issue

  • Google Chrome fails to open certain websites when SSL (Secure Socket Layer) scanning is enabled in ESET Windows home products.
  • The message "This site can't be reached" is displayed
  • In some cases, cloud-based services like Dropbox, Google Apps, Quickbooks Online and Skype are blocked by ESET SSL scanning
  • Wireless devices (printers, scanners, etc.) are blocked by ESET SSL scanning

Details


Click to expand

ESET SSL scanning is a feature that allows or denies network communications based on a system of certificates that legitimate web services use to identify themselves. Sometimes, ESET SSL scanning might deny a legitimate web service or network device because its certificate changes frequently or does not use an SSL certificate. You can create exceptions to SSL scanning in ESET Windows home products to allow communications with these services or devices.


Solution

  1. Enable Pre-release updates
  2. Create an SSL scanning exception for the service or device

I. Enable Pre-release updates

Enabling pre-release updates will allow your ESET product to receive any recent changes to the SSL scanning module, which might resolve a conflict you are having with a service or device.

  1. Open the main program window of your ESET Windows product.

  2. Press the F5 key to access Advanced setup.

  3. Click Update and expand ProfilesUpdates. Select Pre-release update from the drop-down menu.

    Figure 1-1
  4. Expand Basic, click Clear next to Clear update cache and then click OK to save your changes.

    Figure 1-2
  5. Click here to bookmark this article and then restart your computer.

  6. After your computer restarts, open the main program window of ESET your Windows product.

  7. Click UpdateCheck for updates.

    Figure 1-3
  8. Press the F5 key to access Advanced setup.

  9. Click Update and expand ProfilesUpdates. Select Regular update from the drop-down menu and click OK to save your changes.

    Figure 1-4
  10. Attempt to trigger the issue. If the communication is blocked or the issue persists, continue to section II below.


II. Create an SSL scanning exception for the service or device

Close any additional web browsers and/or email clients before proceeding.

  1. Open the main program window of your Windows ESET product.

  2. Press the F5 key to access Advanced setup.

  3. Click ProtectionsSSL/TLS and expand SSL/TLS. Select Interactive from the drop-down menu next to SSL/TLS mode.

  4. Click OK to save your changes.

    Figure 2-1
  5. Attempt to access the service or device being blocked by ESET (for example, open a web app or attempt to print a file).

  6. The Encrypted network traffic dialog will prompt you to select an action. Click Details to display the Application and Certificate information. Select one of the following (in this example, Remember action for this certificate is selected):

    • Ask every time: This will allow communication with the service or device one time. You must repeat this action the next time you attempt to access this service or device.
    • Remember action for this certificate: This will examine the certificate and allow communications.
    • Remember action for this application: This will examine the app and allow communications.
  7. Click Scan to allow communication.

    Figure 2-2
  8. Click Yes if you receive a prompt from Windows.

  9. Press the F5 key to access Advanced setup.

  10. Click ProtectionsSSL/TLS and expand SSL/TLS. Select Automatic from the drop-down menu next to SSL/TLS mode.

  11. Click OK to save your changes.

    Figure 2-3