SSL Interception

There are virus scanners on which users can enable the ability for safe browsing. Once used, the secure HTTPS:// connection from the website will be intercepted.

Method

An SSL certificate will be trusted by a browser once the root certificate is recognized by this browser. For this, a browser uses a list of trusted root certificates. When using SSL interception the virus scanner replaces the certificate and the root certificate. Using this method decrypts the encrypted traffic and monitors it for security purposes.

Risks

A certificate is always issued from a root certificate from a CA (Certificate Authority). It takes years of work for a CA to get their root certificate in the trusted root store of browsers, next to complying to strict rules. Often the root certificate of a virus scanner isn't trusted in the browsers which results in a browser showing an untrusted error.

Furthermore, in theory it's possible that intercepted data can come in possession of the virus scanners' manufacturer. Looking at all inconveniences that could appear using the safe browsing option, our advice is not to turn off this functionality in your virusscanner or to avoid it.

SSLCheck

Our SSLCheck will examine your website's root and intermediate certificates for correctness and report any potential issues

point up