Why certificate issuer is shown as 'Avast'?

My domain is: bobu.online

I ran this command: letsencrypt certonly --standalone --dry-run -w /var/www -d krishnarotech.com -d www.krishnarotech.com -d bobu.online -d www.bobu.online
My web server is (include version): Nginx 1.14.0

OS:Ubuntu 18.04 LTS

My hosting provider: GCP

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site: No CP.

The version of my client is: I’m using ‘Letsencrypt’ command.
My query is that I thought I’m getting the certificate and key from Letsencrypt. But, after getting the cert/key, my browser is showing that the certificate is issued by Avast:

How so?

And also the Firefox (latest version) is showing ‘black’ padlock instead of ‘green’ and is saying that it doesn’t recognize this ‘certificate issuer’. (FF does trust ‘Letsencrypt’ fully).

1 Like

You probably run an Avast virusscanner on that computer.


But, for that, avast may check/verify the certificate.

Avast surely didn’t ‘issue’ the certificate, as reported by FF/browser!!
Did it (somehow)?

No, Avast works as a Man in the Middle with their own “root” which is forced upon your browser, so they can check secured transmissions for virusses and spam and so on. Your server actually uses the Let’s Encrypt certificate, only you can’t see that because Avast intercepts the connection.


But why the FF (latest version) isn’t fully trusting the certificate with ‘Green Padlock’?
Why is it giving ‘black padlock’?

How can I stop ‘Avast’ to interact in between (even may be temporarily, to check the certificate/ff behavior)?

I disabled ‘Avast’ for 10 minutes. And truly the certificate started showing that ‘its’ been issued by Letsencrypt! Good.
But, but, FF still is giving black padlock with the words that it doesn’t trust the certificate (issuer).

1 Like

Because it doesn't trust Avast, because Avast isn't a trusted CA.


you’re right (as I found by turning off Avast fully :slight_smile: )

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.