Read first: Previous version support information

How to validate SSL of 1Password server(s) from Windows client?

Options
JoeRoyce
JoeRoyce
Community Member
in 1Password 7 for Windows

I have a personal 1Password.com account and have installed the Windows app on a corporate PC. Their firewall decrypts and re-encrypts all traffic using a certificate issued by an enterprise CA, and trusted by all PCs on the network. I'm using a corporate proxy server that supposedly bypasses this, but how can I be sure my 1Password client is communicating over a fully secure channel (meaning my traffic isn't being decrypted by the corporate firewall)?

Does the 1Password client have its own internal certificate store, or is it using the Windows Trusted Root CA store? Is there a diagnostic log or console where I can verify the certificate of the server(s) the client is communicating with?

1Password Version: Latest
Extension Version: Latest
OS Version: Windows 10
Sync Type: 1Password

Comments

  • MikeT
    MikeT
    Options

    Hi @JoeRoyce,

    Thanks for writing in.

    First I want to mention that we encrypt your data locally first with your keys before any interaction with the network or anything external, meaning that they cannot decrypt the embedded encrypted payload even if you are using their CA that is decrypting all encrypted content.

    In addition, in order to validate the 1Password service is authentic, we use SRP (Secure Remote Password) protocol to ensure both side can verify each other is valid without using any of your private keys. You can learn more here: https://support.1password.com/secure-remote-password/

    To answer your question, we are using your Windows Trusted Root CA store.

This discussion has been closed.