2

When opening Android Studio for first time it shows this prompt:

"Server's certificate is not trusted"

Why is it showing in the first place? Should I accept the certificate?

Any help would be great.

Prompt

 Server's certificate is not trusted Certificate details Issued To CN (Common Name) *.google.com O (Organization) Google Inc L (Locality) Mountain View C (Country) US ST (State or Province) California Issued By CN (Common Name) Kaspersky Anti-Virus Personal Root Certificate O (Organization) AO Kaspersky Lab Validity Period Valid from: 25/7/08 Valid until: 20/7/28 ...

Other Info

I recently installed kaspersky free on my device.

Improve this question
4
  • Kaspersky probably just needs to initialize all the SSL certs you are making connections with. It will probably go away once you start trusting them. Commented Jul 23, 2018 at 14:39
  • 1
    Okay.But why is it showing in the first place? Commented Jul 23, 2018 at 14:41
  • 1
    Because it looks like Kaspersky has a personal root certificate that it issues with all connections. This will enable two-way SSL with all data connections that go outside your computer's network.This means that the network traffic is ALWAYS encrypted. Commented Jul 23, 2018 at 14:44
  • That is your hint that using Kaspersky (or just about any other AV product) can be dangerous. Kaspersky wants to inspect all encrypted traffic to make sure that no malware is sneaking in through SSL. But to do that it must decrypt your SSL sessions. It does this all on your machine so you might think it should be safe, but because it's messing with the extremely security sensitive SSL stack you are taking a big risk. If you really want to take that risk then follow aquaballin's links to exempt Android Studio from this inspection. Commented Jul 23, 2018 at 20:15

1 Answer 1

Reset to default
1

Kaspersky is issuing (and initializing) a personal root certificate upon it's first use with Android Studio (Google Network).

Once trusted, Kaspersky should not prompt you again.

EDIT: This forum thread has some more information on how to get the root certificate configured for Android Studio (and other applications): https://forum.kaspersky.com/index.php?/topic/307871-kis2015-and-android-studio/

Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

Please provide some evidence for your claims. It's more likely that Kaspersky is breaking the SSL connection by doing a "local" man-in-the-middle on the machine running Kaspersky. This allows Kaspersky to decrypt and inspect all SSL connections. You really place a lot of trust in these anti-virus products when you install them, which in my opinion is a mistake.
Well I dont have either of these tools downloaded onto my machine but I did do some research earlier. Although I should never assume, I hoping that the Android Studio Prompt does in fact install the root certificate after trusting via the prompt. I believe this is the thread that I briefly read through earlier today. forum.kaspersky.com/index.php?/topic/… I will add the link to the answer for clarification of my intent.
You write: "It is using an SSL (Secure Socket Layer) certificate to encrypt the network traffic between your computer's network, and all the networks in between, till the data reaches Google's network.". That is false. It is doing no such thing.
@James K Polk then what should I do, the prompt is asking repeatedly?
@magic_man: Follow the instructions from forum user "kurnev.e" at the link provided in this answer.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.