“code signature could not be verified” on 2nd Firefox profile.
After looking at the blog post about the extension spoofing, I re-enabled the extension for Firefox. It works fine, filling in the username and/or password on various sites. I have a separate profile for Firefox that I use for financial sites; it has fewer extensions and privacy options enabled for safety. The 1Password extension (4.3.1) has long worked there.
Now I get the "browser signing unverified" error, but ONLY on the profile I use for financial sites. Reading the blog post suggests that pasting the password (which works) is vulnerable to interception on the system clipboard, so I would prefer to have the extension work properly.
I tried the troubleshooting suggestion of re-booting, and it did not change the failure.
Any further suggestions???
1Password Version: 1Password 5 version 5.3.2
Extension Version: 4.3.1
OS Version: OSX 10.10.3
Sync Type: n/a
Comments
-
What version of Firefox are you using?
Stephen
0 -
Sorry - the latest Firefox version: 38.0.5
0 -
Hi @Jim611,
How do you launch Firefox? That might sound like an odd question but Firefox doesn't do profiles quite like Chrome does. I'm just wondering, do you only access this second profile by using the
/Applications/Firefox.app/Contents/MacOS/firefox-bin -pcommand or do you have Firefox ask at startup and you only ever launch the normal Firefox.app from Applications?0 -
I use an Applescript to run:
/Applications/Firefox.app/Contents/MacOS/firefox-bin -P0 -
Hi @Jim611,
That might be why you're having trouble. Can I ask you to try something for me please. In the Profile Manager there is a checkbox titled Don't ask at startup and I'm guessing you have this ticked so that Firefox will normally load your default, is that correct? If you disable this, forcing Firefox to ask on each load you can always start Firefox with either profile simply by launching the normal Firefox.app application. If you do this does our extension work properly in your second profile?
The other option is to disable our verification of the browser code signature which you can do in 1Password's preferences in the Advanced tab. I would hope both of those would stop this error message from appearing, one by not checking, the other by ensuring Firefox is the process that 1Password sees. Let us know how you get along :smile:
0 -
I did some trials as follows...
1. undoing the checkbox made no difference, except the profile query comes up when I start the normal (default) Firefox. The 2nd profile starts as usual, WITHOUT the profile query, and the 1P extension still generates the error.
2. Start the 2nd profile from the command line - same result.
3. Start the 2nd Firefox instance from the command line: /Applications/Firefox.app/Contents/MacOS/firefox -p -no-remote
This goes to the profile query. I select the 2nd profile. Then the 1P extension works properly!
I'm no expert on Firefox. Perhaps there is some issue with firefox-bin??0 -
Hi @jim611,
I'm certainly no expert either but what I noted is that both 1Password and Little Snitch regard firefox-bin differently to the full app bundle even though firefox-bin is obviously being launched as part of the process.
Just to confirm, in your first trial you deselected the checkbox and as I said, you found that it caused the profile manager to appear each time you launched the full Firefox.app bundle. Unlike my findings though you're saying that even after selecting the second profile using this approach (launching Firefox.app and then choosing the non-default profile) that the error still existed? I wonder why your findings differed from mine.
It sounds like you've found a solution though in
/Applications/Firefox.app/Contents/MacOS/firefox -p -no-remote. I assume that also works from an AppleScript?0 -
Sorry, I mis-explained no. 2. It should have been:
2. I launched the 2nd profile using firefox-bin from the command line, using the line as it appeared in the script. It did not bring up the profile query. The extension-filling error still existed.
Yes, the solution works as you stated, and I have it in an Applescript where it still works.Thanks for your suggestions! I'm OK for now.
0 -
Phew, I was a bit worried that my findings hadn't been reproducible :tongue: Glad to hear you've found something that works for you :smile:
0 -
Is there still no way to resolve this? I can't use 1P with any of my other Firefox Profiles because of the code sig. problem.
I use an Applescript with the Terminal command "/Applications/Firefox.app/Contents/MacOS/firefox-bin -P 'name_of_profile' -no-remote &> /dev/null &" to start other profiles.
Profiles started with this command seem to use firefox-bin and that may be the problem. 1P seems to have a problem with checking firefox-bin.I haven't been able to figure out another way to quickly start another profile while still bypassing the Profiler Manager's GUI where you have to choose.
Any help is greatly appreciated.
0 -
Is there still no way to resolve this? I can't use 1P with any of my other Firefox Profiles because of the code sig. problem.
@1P4Me: No. 1Password will not be able to validate Firefox if it fails the code signature check due to executing another binary. If you're doing this intentionally (and it sounds like you are, to allow you to switch profiles more quickly) you can disable the code signature check in 1Password Preferences > Advanced. But 1Password isn't going to shirk its duties so long as it's set to check the signature: if it doesn't match, it won't connect.
0
