Allow unsigned browser?
As you may know IT Enterprises works different then private or small business IT and so our IT department broke the browser signature (and use a very outdated version of it) and now we're unable to connect it with 1Password 6 for Windows.
I have one request and one question about this issue:
Q: Is there any way to avoid the signature check?
R: It would be great to have the option as a admin to allow this for all users?
The browser is chrome.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
@heubergen: Thanks for reaching out. I’m sorry for the trouble!
As you may know IT Enterprises works different then private or small business IT and so our IT department broke the browser signature (and use a very outdated version of it) and now we're unable to connect it with 1Password 6 for Windows.
Ouch. Can you tell me more about how they broke it? It's certainly something we can look into.
I have one request and one question about this issue:
Q: Is there any way to avoid the signature check?
R: It would be great to have the option as a admin to allow this for all users?
The browser is chrome.1Password is now using Native Messaging to connect to Chrome (and related browsers), and there is no way to override the security check there. Currently this is not the case in Firefox, but it will be in the near future. So I'd really like to hear more about what's causing this in your case to see if there are other options we can explore.
Frankly, the only issues we've seen with browser connections in the past with 1Password in business environments was due to "security" software and things like proxy/firewall settings blocking localhost connections (since 1Password has been using WebSockets for years now to communicate with the browser extensions). It seems to me that invalidating the browser's signature would break far more than just 1Password's ability to verify it, but I suppose it depends on what's being done exactly. I look forward to hearing back from you!
0 -
Here the screenshot.We have a "security" software installed at the clients but it seems like the connection between Firefox and 1Passwords works, is there any differences how those two browsers communicate with 1Password?
0 -
@heubergen: Yes. As I mentioned above, the stable version of the 1Password Firefox extension still uses WebSockets to communicate with the app, whereas Chrome (and related browsers) are now using Native Messaging. However, we've found that the latter reduces interference from "security" software suites. But in both cases there's is a signature check, so that's probably a red herring. It may be, however, that whatever stuff you're using is not messing with Firefox, only Chrome, which prevents 1Password from verifying its signature. Can you be more specific about what you're using? Based on your screenshot, it doesn't look like a connection fromFirefox has been accepted or rejected.
0 -
Hi @brenty,
Sorry for the confusion, this screenshot was made on a computer from a working colleague who use Chrome as his only browser.
Let's summarize the issue quick:- 1Password6 (Stable), Firefox 57 (which use Native Messaging) and 1Password Browser Extensions Beta - It works
- 1Password6 (Stable), Firefox 53 and 1Password Browser Extensions - It works
- 1Password6 (Stable), Chrome 49 and 1Password Browser Extensions - It doesn't work
Best,
Patrick0 -
@heubergen: Ah, okay that makes sense. Thank you for clarifying! Chrome 49 is super old (about 18 months) and not supported by 1Password or by Google. It's also using Google's old certificate, which they changed earlier this year. So I don't think this is something caused by other software then. It's just out of date, so installing the latest version of Chrome should do the trick, since that supports Native messaging fully. I hope this helps. Be sure to let me know if you have any other questions! :)
0