You can configure secure connections scan settings through Kaspersky Security Center or in the local interface of Light Agent for Windows.
To configure secure connections scan settings in Kaspersky Security Center:
If the connection is established through a browser and you attempt to access a website with a certificate error, you will see an HTML page containing a warning that visiting the website is not recommended, and a description of the detected certificate error. You can click the link on the HTML page to proceed to the requested website. For a period of an hour after clicking the link, Kaspersky Security will not display warnings for the certificate error of this website or when requesting other web resources in the same domain.
This action is selected by default.
If the connection is established through a browser and you attempt to access a website with a certificate error, you will see an HTML page containing a warning that the website is blocked, and a description of the detected certificate error.
This action is selected by default.
The list of domains with secure connections scan errors can be viewed in the Secure connections scan settings window in the local interface of Light Agent for Windows.
If you selected the Terminate connection action, all domains previously added to the list of domains with secure connections scan errors are automatically deleted from this list.
By default, Kaspersky Security does not block network connections that are established using the TLS 1.0, SSL 2.0 and SSL 3.0 protocols. In this case, Kaspersky Security monitors network traffic transmitted over connections that are established using the TLS 1.0 and SSL 3.0 protocols. Network traffic transmitted using the SSL 2.0 protocol is not monitored.
The TLS 1.0, SSL 2.0, and SSL 3.0 protocols have some flaws affecting the security of data transfer.
To configure the secure connections scan settings in the local interface:
In the right part of the window the settings for Network Ports Monitoring and for Scanning Secure Connections are displayed.
If the settings in the local interface are not available, this means that the values of settings defined by the policy are used for all protected virtual machines of the administration group.
Click the Domains with scan errors link in the Secure connections scan settings window to view the list of domains whose secure connections result in a scan error.