Safari and web certificates

danco
danco
Volunteer Moderator

I ran into an oddity the other day, which mentioned 1PW (hence the post in an Agile forum) but may have no actual connection.

I had to go to a Web site that stated, when I used Safari, that a client certificate was required and asked me to select a suitable certificate. But the list of available certificates had only two items in it, 1PasswordAgent and 1PasswordAgent followed by a long string. Neither of them worked, as they had expired in 2009. Looking at Keychain Access, I could see some valid Apple certificates, but they did not appear in the list I was asked to choose from.

I finally was able to use the site via Firefox, which did not ask me for a certificate.

Comments

  • khad
    khad
    1Password Alumni

    Yeah, that's a really old cert from 1Password 2. Details from the old 1Password 2 User Guide:

    If you use[d] Wi-Fi syncing to sync with your iPhone or iPod touch then you will find the 1Password Agent self-signed root certificate in your login keychain:

    You will also see the message “This root certificate is not trusted.” There is no reason to be concerned about this. This certificate is created when the 1Password application generates a self-signed certificate to provide SSL encryption between the desktop and iPhone/iPod touch applications.

    Keychain Access reports that the certificate is “not trusted” because the self-signed certificate was generated on your local machine and cannot be “trusted” until it is signed by a “trusted third party” like Thawte or Verisign. There is no need to go through the hassle of signing the automatically generated certificate to provide an encrypted HTTPS connection for the purpose of Wi-Fi syncing between your own devices.

    The certificate is obviously very old, expired, and no longer needed. :)

This discussion has been closed.