We have an enterprise anti-virus running - BitDefender (BD). Recently a weird thing happened and I’m trying to understand what happened and how it works. A website that we developers used to be able to go to suddenly generates a “blocked” message in Chrome. But when we go to it in Firefox it works fine.
Firefox prompted to install a certificate from BD and I canceled the prompt. Chrome never prompted and apparently automatically got the cert installed. That would explain the blocking in one and not the other, but I’m struggling to understand how a certificate affects individual software applications like that. The BD cert is listed as a trusted root cert in the Windows cert store on my machine.
Now in Chrome I can go to https://unsplash.com (a stock photo site). Click the padlock and it shows a SAN cert that was issued …by BitDefender!!! In Firefox the exact same website cert info shows the correct issuer as Globalsign.
So how can BD install a cert that says it issued the TLS certificate for a website? How does that even work? Any clues or better yet links to explanations are gratefully accepted!
Edit: just checked the padlock on this website and get a similar thing: