Hi Andrew,

I am not seeing the same information about the certificate. ( I have attached a screen shot.)

I am using the Firefox Developer's Browser: 83.0b10 (64-bit)

I tried the same website on Firefox 82.0.3 (64-bit) and I am still seeing a valid certificate from DigiCert.

Try Clearing cookies and site data... click on the padlock and then click on "Clear cookies..." at the bottom of the menu.

Let me know if that helps.

Hello. Very strange. I've attached a photo of the 'not recognised...' text I'm seeing. I'm using standard Firefox 82.0.3. I also 'visited' various other banks and they all show the same message. (' Eset... not recognized...') https://www.co-operativebank.co.uk/ https://www.barclays.co.uk/ https://www.santander.co.uk/ https://www.lloydsbank.com/ https://personal.natwest.com/personal.html https://uk.virginmoney.com/

But HSBC has a certificate issued by digicert and it's fine. No error message. https://www.hsbc.co.uk/ Amazon is fine, again with a digicert certificate. https://www.amazon.co.uk/

I have no idea why you see a a digicert certificate on Nationwide and I see one from Eset. I thought the certificate would have been on Nationwide's server. We'd both access the same server - albeit from different parts of the World.

Where are you?

I've cleared cookies etc, but not from the padlock drop down box. As you can see from my pic - there's no 'Clear cookies' button' It didn't make any difference.

Any further thoughts would be gratefully received!

Regards - Andrew (UK)

Your security software has put up a fake certificate to scan your encrypted traffic. As @johnwes stated, the proper certificate on that page is from DigiCert.

...but if you do not use ESET security software, then it would be suspicious that the certificate says it was issued by ESET.

I've been in email contact with Eset in the UK. (I use the Eset anti-virus software.) I asked their technical staff what was going on. Their answer is pasted below:

"For ESET to be able to scan "https" pages, it needs to put itself as a man-in-the-middle, and as such these have to be created by the ESET installation itself as it needs to match to the installation's unique identity to perform the integrity checks.

If you were to open ESET, go to setup > advanced setup > web and email >> SSL/TLS, there will be an option for 'exclude communication with trusted domains', with this enabled (which it is by default), ESET will exclude known-trusted websites from SSL scanning, through a manually-maintained domain list, as such, sites such as Amazon and DuckDuckGo for example are on this list, but as this is a globally-maintained list, some UK-based financial institutions are not included and will therefore have an ESET SSL Filter certificate in place. "''

I'm not sure I fully understand, but I'm content that everything is working as it should. Unless you know something different.....?

You could manage this issue by disabling secure connections by ESET. Here is a knowledge base article with a link to ESET's support article.

https://support.mozilla.org/en-US/kb/error-codes-secure-websites#w_eset

Hope this helps.