SSL cert revocation service unreachable when AVG active
Hello,
We have had several customers complaining about mysterious errors when communicating with our servers and today we realized that the common denominator is that they use AVG anti virus: If this product is enabled, WinSSL on the machine in question is prevented from reaching an SSL cert revocation server:
Curl returned error 35 when handling request: <...>: schannel: next InitializeSecurityContext failed: Unknown error (0x80092012)
Curl uses WinSSL which is the library generating this error.
If disabling AVG anti virus, there is no problem for the SSL library to do its thing, including contacting the revocation servers associated with the certificate.
Is this a known issue? If not, can you look into fixing it? In either case, what is the expected timeframe for a fix? If you look around on the web, there are other users with the same problem - e.g. as discussed here: https://github.com/erengy/taiga/issues/122
If you do not intend to fix, we will have to disable certificate revocation checking in the client - which decreases security for the end-user. I hope you can see the irony that we have to introduce a security issue to work around the behavior of a security product like yours :-).
Thanks!
Ulrik, Nabto
PS: I have tried various ways of submitting the above to some support service, but I am always directed to this forum - if anybody knows how to contact AVG support without being a customer, it would be great.
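The following is an added example, not part of the original post: a triage script for client logs containing the Schannel error quoted above, separating "revocation status could not be checked" (as with 0x80092012) from "certificate is actually revoked". The HRESULT names are the standard Windows definitions; the log layout (client id as the first field) and the sample lines are constructed assumptions.

```python
import re
from collections import defaultdict

# Revocation-related HRESULTs as defined in the Windows SDK (winerror.h).
REVOCATION_HRESULTS = {
    0x80092010: ("CRYPT_E_REVOKED", "revoked"),
    0x80092011: ("CRYPT_E_NO_REVOCATION_DLL", "check_unavailable"),
    0x80092012: ("CRYPT_E_NO_REVOCATION_CHECK", "check_unavailable"),
    0x80092013: ("CRYPT_E_REVOCATION_OFFLINE", "check_unavailable"),
}

# Matches the curl/Schannel message format shown in the post.
SCHANNEL_RE = re.compile(r"schannel: .*?\(0x([0-9A-Fa-f]{8})\)")

def classify_line(line):
    """Return (hresult, name, kind) for a Schannel error line, else None."""
    m = SCHANNEL_RE.search(line)
    if not m:
        return None
    code = int(m.group(1), 16)
    name, kind = REVOCATION_HRESULTS.get(code, ("UNKNOWN", "other"))
    return code, name, kind

def triage(log_lines):
    """Give one verdict per client; a real revocation always wins."""
    kinds = defaultdict(set)
    for line in log_lines:
        result = classify_line(line)
        if result:
            # Assumption: the first whitespace-separated field is a client id.
            kinds[line.split()[0]].add(result[2])
    verdicts = {}
    for client, seen in kinds.items():
        if "revoked" in seen:
            verdicts[client] = "revoked"          # never bypass for this client
        elif seen == {"check_unavailable"}:
            verdicts[client] = "check_blocked"    # CRL/OCSP fetch is failing locally
        else:
            verdicts[client] = "other_tls_error"
    return verdicts

# Constructed sample log lines, modelled on the error in the post.
SAMPLE = [
    "client-a Curl returned error 35 when handling request: <...>: schannel: "
    "next InitializeSecurityContext failed: Unknown error (0x80092012)",
    "client-b Curl returned error 35 when handling request: <...>: schannel: "
    "next InitializeSecurityContext failed: Unknown error (0x80092010)",
    "client-c request completed",
]

if __name__ == "__main__":
    for client, verdict in sorted(triage(SAMPLE).items()):
        print(client, verdict)
```

Clients that only ever report `check_blocked` are the ones worth asking about local filtering products before revocation checking is relaxed for anyone.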
Ulrik, We certainly understand your concern. Please let us know whether your users have installed "AVG Windows product or AVG business editions". Could you please be more specific about the name of the AVG product installed on your users' computers, so that we can understand your concern clearly and assist you with the same? Thank you.
Thank you very much for your understanding! I have talked to a user who says "he believes" it is the business version, he will check later today when he is back at the computer in question and also get all details about which exact product it is.
Hello Ulrik, Thank you for replying back to us. Once the exact version of the AVG program has been confirmed, please get back to us and we will be happy to assist you. Thank you.
We apologize for the inconvenience caused.
Are you experiencing issue with AVG Business products?
Thank you.
I am not a user of AVG myself but our users have issues with AVG. Who do I talk to about this?
Ulrik
Thanks!
Ulrik
Thanks again!
Ulrik
We have received this from an affected user.
AVG Guru
Thank you for providing us the screenshot. Please contact our AVG Business products ( http://www.avg.com/ww-en/business-security ) to assist you better in resolving the issue. The AVG (SMB) support in Brno, Czech Rep. will probably deal with your query at their earliest convenience. Also, for a more direct contact method, try this link ( http://www.avg.com/ww-en/customer-support-business ). This will lead to this further link ( https://support.avg.com/business_contact_form?l=en_us&retUrl=business ). Please feel free to contact us for further assistance.
Thank you.
That link leads me to a business support site where I can put in "the same email you registered with us". As mentioned above, I don't have any AVG products nor any support agreements and our customer should not handle this on our behalf; it is our product which is affected by the issue with your service - and many customers are affected, not just this one customer who we happened to get some more detailed information from.
Isn't it possible to get in touch with somebody who can just look at the case without regards to ownership of specific products?
Ulrik
Thank you for your understanding. Our AVG Business support team will reply back to you as soon as possible.
Thank you.