Browser (classic interface)

Protect: shield against untrusted certificates

Sites use certificates that are given out by authoritative, trusted organizations to protect against phishing and data theft. A certificate confirms a site's authenticity and participates in the data encryption process over HTTPS connections.

Yandex.Browser checks site certificates. If there is any doubt about a certificate's authenticity, the browser will warn you.

If the certificate author is unknown

In this case, it's not clear if the certificate was installed by the site administrator or hackers, and you will see the following warning:

You can either choose to not visit the site, or add the certificate to your trusted list. If you choose the latter, the certificate will be included in the list for 30 days and then you will have to once again confirm its trustworthiness.

Attention! Only click Trust this certificate when you know the certificate is reliable. Otherwise hackers can get access to your personal information!

If you want to visit the site, take the following security measures:

  • For home computers. Update your antivirus and scan your computer for malware. You will no longer receive warnings after doing this. If the scan didn't turn up any malware and didn't delete a suspicious certificate, then it can be deleted using Windows, but this may cause the system to malfunction.
  • For work computers. Contact your system administrator. They will delete any certificates they didn't install. If they did install the certificate, then click Trust this certificate. Keep in mind, however, that the system administrator can view your personal information and electronic payments.

If the certificate was installed using special software

Antiviruses, ad blockers, and site-monitoring programs (like Fiddler) can substitute their own certificates for those of the website. This is so that the program can decrypt traffic. However, certificate substitutions can cause the following problems:

  • At present, there is no way to be completely sure that a certificate was installed by a special program and not malware pretending to be that program.
  • Developers of special software may be privy to your information.

Yandex.Browser warns you about the following problems:

To visit a site:
  1. Find out what program replaced the certificate. This information can be found by clicking the corresponding link on the warning page.
  2. Decide if you are prepared to trust the certificate preparer with your personal information:

    I'm ready to entrust my information to themI'm not ready to entrust my information to them

    Click Trust this certificate.

    Turn off HTTPS-connection checking in your programs. Use the instructions for the following:

    • Kaspersky Lab antivirus.
    • ESET NOD32.
    • AdGuard. In addition to the AdGuard program, there is an extension of the same name. Extensions don't create their own certificates, which is why you don't need to check them.

    For all other programs (like Fiddler), try disabling HTTPS checks using the analogous instructions listed above.

    Attention! If you disable HTTPS checks, it doesn't mean you're unprotected. Yandex.Browser runs its own security checks on your downloading files, blocks malicious pages and banners, and uses advanced protection for bank and payment-system pages.

    If disabling HTTPS checks didn't fix your issue and you don't need the program that installed the certificate, then try disabling or closing that program.

unknown certificate
antivirus certificate
untrusted certificate