Agile1pAgent.exe not found after 1Pv6 install so no helper running?

billyt

hi,
I've installed 1Pv6.1.296 on a Win7 VM in a corporate environment. Desktop app is going fine, sync to account etc. as needed. Using Firefox and Chrome, both extensions fail to find the 1P helper. When i look into "C:\Program Files (x86)\1Password" I can't find "Agile1pAgent.exe", and also can't see the helper in the Task Manager. I previously ran 1Pv4 on this machine and it went fine, uninstalled it before putting v6 on.

Getting 2 log messages that may be of interest ...
"Warning - Refusing helper connection from "C:\Program Files\Mozilla Firefox\firefox.exe" from port 62792 and origin resource://onepassword4-at-agilebits-dot-com, because of untrusted certificate"
and
"Error - AgileBits.OnePassword.UiRouter URL onepassword4-extension://activate/Firefox has wrong scheme, redirecting to default!"

thanks

---

1Password Version: 6.1.296
Extension Version: 4.6.2
OS Version: Win7
Sync Type: 1P account

AGAlumB

@billyt: Sorry for the confusion! Agile1PAgent.exe (A.K.A. Helper) is part of 1Password 4, so that's a bit of a red herring with regard to 1Password 6. Here is the real issue:

"C:\Program Files\Mozilla Firefox\firefox.exe" from port 62792 and origin resource://onepassword4-at-agilebits-dot-com, because of untrusted certificate"

It sounds like there may be corporate policies in place that are breaking the secure connection due to an invalid certificate. Can you tell me what "security" software is in use on this machine? Some will block the extension from being installed at all, and others will interfere with the connection because they want to eavesdrop on the transmission...and obviously that isn't something we want happening to our 1Password data! Let me know what you find!

billyt

thanks brenty, sorry for the delay, not enough time to get back to the problem. Bit difficult getting someone to confirm the setup in a corp env (as you might guess). We're running under WMware. I can install quite a bit onto the VM, and view/change some registry settings (not sure how much, rarely need to try), but don't have full admin control. I am able to add security exceptions for FFox. I'm also able to add some exceptions to Symantec. From what I can gather the likely candidate is Symantec Endpoint Protection v12.1.671.4971. Other posibilities are Fiddler web debugger (not usually running), ActivClient, Citrix Access Gateway Plugin, Novell SecureLogin.

cheers

MikeT

Hi @billyt,

You might want to try excluding 1Password 6's process as well, you can find it here: %LOCALAPPDATA%\1Password\app\6\AgileBits.OnePassword.Desktop.exe

Once excluded, try restarting the browsers and see if it works.

Symantec rarely interferes with 1Password like this and Fiddler would only interfere if it is running. I'm not familiar with the other ones you're using but that is not a bad sign, it just means they're not known to interfere with 1Password.

billyt

My app is installed into C:\Program Files (x86)\1Password, so put that in as exclusion for Symantec but no change. Tried to add a cert server exception in FFox but it said
https://agilebits.com/browsers/welcome.html
"this site provides valid verified certificates, no need to add an exception"

I thought I'd try to find out if the issue was from FFox or not, so tried to ping your server. don't know if this is a valid test etc.
C:>ping www.agilebits.com
Pinging webstore-prd-web-elb-164575711.us-east-1.elb.amazonaws.com [52.203.33.202] with 32 bytes of data:
Request timed out.

I can access the Local Security Policy settings via Ctl Panel > Admin tools, but not sure if there's anything in there that would help.

MikeT

Hi @billyt,

My app is installed into C:\Program Files (x86)\1Password,

Did you manually change to that directory? We do not use that directory at all and we don't recommend changing it for the moment.

Tried to add a cert server exception in FFox but it said

This issue isn't related to our server's certificate nor is this a remote issue, Internet isn't involved, this is all local. Basically, 1Password cannot verify the local Firefox file is valid, it doesn't match the known one on our list. This makes 1Password think someone has tempered with Firefox on your computer.

Most of the popular browsers are signed with a code signature to confirm the people who built or own the browser are the same people who have released the browser. For an example, it is Mozilla who built Firefox and when we download Firefox on our computer, we can confirm the file has been created by Mozilla by looking at its code signature since they own the private key that signs the browser.

We store a list of known code signatures of the most popular browsers we support in our app. If someone has tempered with the browser files, the code signature would no longer match and thus, 1Password no longer allows any connection from that browser.

Certain security programs has interjected itself into this process by rerouting the connection from 1Password extension to itself to 1Password, instead of the required direct connection from the extension to 1Password. Some just blocks 1Password from reading the process files to confirm its code signature. Both would nullify the code signature validity checks even if the browser is code-signed properly.

Can you email us your 1Password diagnostics file, please use this guide to generate the 1Password diagnostic report and email it to us at support+windows@agilebits.com. Also, in the email, include the link to this thread along with your forum username, so that we can connect the email to this thread.

Let us know here when you've sent it, so we can confirm we got the email.