Kaspersky Antivirus SSL Interception

Difficulty
Very easy

KAV has a “feature” that will intercept all https://. traffic so that it can inspect it. In order to do that it essentially breaks the secure path between your client and the web service you visit by in effect doing a MITM “attack”. Your client will always see the KAV SSL certificate (which has an expiration date of decades in the future…) and your “secure” connection will effectively be proxied by the Antivirus to the site. Excluding all the severe security implications, this will also not allow you to inspect the actual sites certificate.

Connection Flowchart

SVG

Disable SSL Interception

Right Click on the Icon in KAV on your taskbar → Settings → Additional → Network → Do not scan encrypted connections

/home/www/sites/esgr.in/wiki/data/pages/kaspersky_ssl.txt · Last modified: 2017/08/31 12:28 by eServices Greece