Google Chrome ERR_SSL_SERVER_CERT_BAD_FORMAT

Google Chrome ERR_SSL_SERVER_CERT_BAD_FORMAT

如下圖

這個網站無法提供安全連線

www.ublink.org 不符合安全性標準

無法點選進階

或是下一步

繼續前往

不購買 CA 授權

解決方法如下

如果有安裝 NOD32

原文連結

https://support.eset.com/kb3126/?locale=en_US&viewlocale=en_US

說明節錄如下

HTTPS websites fail to load or you receive the error message "Connection is untrusted" when using your web browser with ESET products
Applies to: ESET Smart Security Premium, ESET Endpoint Products, ESET Smart Security
Issue

    Websites with SSL Certificates are not accessible
    You receive the error message: "sec_error_reused_issuer_and_serial"
    Root certificate not imported correctly

Solution

In some cases, the root certificate is not properly imported during the installation of ESET products. This issue is often resolved by disabling and then re-enabling SSL scanning. To do so, please follow the steps below:

    Open your ESET product. How do I open my ESET product?
    
    Press F5 to enter Advanced setup.
    
    Click Web and email, expand SSL/TLS, click the slider bar next to Enable SSL/TLS protocol filtering to disable and then click OK.

    Version 8.x and earlier: Expand Web and email → Protocol filtering, click SSL, select Do not scan SSL protocol and then click OK.

    Figure 1-1
    Click the image to view larger in new window
    Press F5 to enter Advanced setup.
    
    Click Web and email, expand SSL/TLS, click the slider bar next to Enable SSL/TLS protocol filtering to re-enable and then click OK.

    Version 8.x and earlier: Expand Web and email → Protocol filtering, click SSL, select Always scan SSL protocol and then click OK.

    Figure 1-2
    Click the image to view larger in new window
    Restart your computer. 

You should now be able to access web pages that use SSL certificates without interference. If the issue persists, you can temporarily disable SSL protocol scanning to continue browsing without interruption. Proceed to the next section for step-by-step instructions.
Disable SSL protocol scanning:
Potential security risk

Disabling SSL scanning will remove a layer of security provided by ESET Smart Security and could expose your system to security risks.

    Open your ESET product. How do I open my ESET product?
    
    Press F5 to enter Advanced setup.
    
    Click Web and email, expand SSL/TLS, click the slider bar next to Enable SSL/TLS protocol filtering and then click OK.

    Version 8.x and earlier: Expand Web and email → Protocol filtering, click SSL, select Do not scan SSL protocol and then click OK.

    Figure 2-1
    Click the image to view larger in new window

You should now be able to access web pages that use SSL certificates without interference. If the issue persists, you can temporarily disable the addition of root certificate to known browsers. Proceed to the next section for step-by-step instructions.
Temporarily disable root certificate

    Open your ESET product. How do I open my ESET product?
    
    Press F5 to enter Advanced setup.
    
    Click Web and email, expand SSL/TLS, click the slider bar next to Add the root certificate to known browsers and then click OK.

    Figure 3-1
    Click the image to view larger in new window
    Open your browser and reload the page you were attempting to access.
    
    Open your ESET product. How do I open my ESET product?
    
    Press F5 to enter Advanced setup.
    
    Click Web and email, expand SSL/TLS, click the slider bar next to Add the root certificate to known browsers and then click OK.

    Figure 3-2
    Click the image to view larger in new window

    Restart your computer.

If you are still unable to resolve your issue, please email ESET Technical Support.

https://help.eset.com/eav/9/zh-TW/index.html?idh_config_epfw_ssl_known.htm

已知的憑證清單
     

[已知的憑證清單] 可用於為特定的 SSL 憑證自訂 ESET NOD32 Antivirus 行為,且若在 [SSL/TLS 通訊協定過濾模式] 中選取 [互動模式],則可記住選擇的處理方法。您可於[進階設定] (F5) > [Web 和電子郵件] > [SSL/TLS] > [已知的憑證清單] 中檢視與編輯清單。

[已知的憑證清單] 視窗包含:
直欄
名稱 - 憑證名稱。

憑證發行者 - 憑證建立者名稱。

憑證主旨 - 主旨欄位可識別與主旨公用金鑰欄位中所儲存公用金鑰相關聯的實體。

存取 - 選取作為 [存取處理方法] 的 [允許] 或 [封鎖] 以允許/封鎖憑證認為安全的通訊,無論憑證的可信任度為何。選取 [自動] 以允許信任的憑證並要求不信任的憑證。選取 [詢問] 以一律詢問使用者處理方法。

掃描 - 選取作為 [掃描處理方法] 的 [掃描] 或 [略過] ,以掃描或忽略此憑證認為安全的通訊。選取 [自動] 以於自動模式中掃描並於互動模式中詢問。選取 [詢問] 以一律詢問使用者處理方法。
控制項元素

[新增] - 新增新憑證並調整關於存取和掃描選項的設定。

編輯 - 選取您想配置的憑證並按一下 [編輯]。

移除 - 選取您想刪除的憑證並按一下 [移除]。

確定/取消 - 若您想儲存變更,請按一下 [確定],或若您想離開而不儲存,請按一下 [取消]。

如上就可以了

  • 文章瀏覽點擊數 2846789