Jump to content

Archived

This topic is now archived and is closed to further replies.

Janus

Roboform and ssl protocol filtering

Recommended Posts

Hello Eset

 

 

Issue: Roboform can't connect/synchronize to Roboform Everywhere cloud, when "Always Scan ssl protocol" is enabled.When disabling "Always scan ssl" and then set back to Do not scan ssl protocol, then will Roboform synchronize Again

(Excluding Roboform from protocol filtering helps, but should not be a long time solution. With Ess 6x no issue)

 

Data : Windows 8 64 bit full patch. IE10 version 27.01453.110m. Eset Smart Secyrity Beta 7.0.28.0.

Roboform Everywhere version: 7.8.9.5. SHA1: 668998849768c68f5a2464c6b54bd9f8b1a30d28 MD5: 6291b03c4e6b0109c2034971c7efce05 (Source to md5/sha1, Virus total.)

 

Regards, Janus

 

 

post-65-0-76395000-1371108090_thumb.png

Share this post


Link to post
Share on other sites

Are you able to open and browse https websites via Internet Explorer with SSL scanning enabled?

Share this post


Link to post
Share on other sites

Yes no problem at all, can surf flawlessness on https with IE 10, even my banks website :-)) ....Just a quick update: same problem as mentioned above, when using the settings mentioned, and with the same browser, but now, also on Windows 7 64 bit platform.

 

Regards, Janus

Share this post


Link to post
Share on other sites

Thanks Janus for reporting this. Sees the same error in Chrome 27.01 and Ie 10, windows 7 32 bit, when I try to synchronise Roboform v. 7.8.9.5 to Everywhere online account. So to sum it up: Always scan ssl=not synchronising to online account.....Disabling Always scan ssl = online account Works.

Thanks

 

 

Share this post


Link to post
Share on other sites

Hello,

 

I had to add the certificate for online.roboform.com to "Excluded certificates" in order to get it to work while leaving "Always scan SSL protocol" enabled... It does show as a valid/good certificate in ESS but SSL scanning just does not want to work with it...

Share this post


Link to post
Share on other sites

Hello,

 

Please bear with me if I ask any ignorant questions as I am not too very well knowledgeable in the area of SSL. I have the same issue also with Trillian instant messenger. In order to keep "Always scan SSL protocol" enabled and for Trillian to work, I have to add all certificates involved to "Excluded certificates". As far as I know I have everything set up correctly. I know in the case of browsers, ESS installs its own certificate into the browser. Could this issue stem from ESS not being able to install its certificate into a third party app such as RoboForm or Trillian? Is much security lost by excluding certificates? I assume ESS will still stop the malware but just later in the process after the data in decrypted...

Share this post


Link to post
Share on other sites

Hello,

 

I am also getting a lot of TLS handshake failures when using SSL protocol filtering with my email client The Bat! :

 6/19/2013, 11:21:58: FETCH - receiving mail messages
 6/19/2013, 11:21:58: FETCH - Connecting to POP3 server pop.gmail.com on port 995
 6/19/2013, 11:21:58: FETCH - Couldn't connect to 2607:f8b0:400c:c02::6d trying subsequent addresses...
 6/19/2013, 11:21:58: FETCH - Connecting to 173.194.73.109...
 6/19/2013, 11:21:58: FETCH - Initiating TLS handshake
>6/19/2013, 11:21:59: FETCH - Certificate S/N: 64, algorithm: RSA (512 bits), issued from 6/12/2013 4:58:44 AM to 6/7/2033 4:58:44 AM, for 1 host(s): pop.gmail.com.
>6/19/2013, 11:21:59: FETCH - Owner: US, California, Mountain View, Google Inc, pop.gmail.com.
>6/19/2013, 11:21:59: FETCH - Root: EN, root.antispamsniper.com
 6/19/2013, 11:21:59: FETCH - TLS handshake complete
 6/19/2013, 11:21:59: FETCH - connected to POP3 server
 6/19/2013, 11:21:59: FETCH - authenticated (plain)
 6/19/2013, 11:22:00: FETCH - 0 messages in the mailbox, 0 new
 6/19/2013, 11:22:00: FETCH - connection finished - 0 messages received
 6/19/2013, 11:32:00: FETCH - receiving mail messages
 6/19/2013, 11:32:00: FETCH - Connecting to POP3 server pop.gmail.com on port 995
 6/19/2013, 11:32:00: FETCH - Couldn't connect to 2607:f8b0:400c:c02::6c trying subsequent addresses...
 6/19/2013, 11:32:00: FETCH - Connecting to 173.194.73.108...
 6/19/2013, 11:32:01: FETCH - Initiating TLS handshake
!6/19/2013, 11:32:01: FETCH - TLS handshake failure. An existing connection was forcibly closed by the remote host

This issue happens about 2 out of 3 times when retrieving emails from Google. I also use two other email providers with no issues (also with SSL). If I disable SSL protocol filtering then the issue goes away... I also noticed from above that it is never able to connect to an IPv6 address while SSL protocol filtering is enabled.

Share this post


Link to post
Share on other sites

Hello,

 

Please bear with me if I ask any ignorant questions as I am not too very well knowledgeable in the area of SSL. I have the same issue also with Trillian instant messenger. In order to keep "Always scan SSL protocol" enabled and for Trillian to work, I have to add all certificates involved to "Excluded certificates". As far as I know I have everything set up correctly. I know in the case of browsers, ESS installs its own certificate into the browser. Could this issue stem from ESS not being able to install its certificate into a third party app such as RoboForm or Trillian? Is much security lost by excluding certificates? I assume ESS will still stop the malware but just later in the process after the data in decrypted...

 

If a 3rd party application uses the Trusted Root Certification Authorities certificate store, then it will work. Otherwise import of the root certificate must be supported specifically for the application. Firefox and Thunderbid use their own TRCA certificate store but are supported, hence SSL scanning works.

Share this post


Link to post
Share on other sites

Thanks Marcos,

 

OK, if I understand it all correctly, it explains why the "Always scan SSL protocol" does not work with a lot of third party apps. I also assume this explains why when you have it set to "Ask about non-visited sites" and then using "Trusted certificates" does not work either. In these instances the only option left is to add the certificates in question to the "Excluded certificates". Is my understanding correct? If so, I now know how to go about setting it up properly. It seems this thread is not about a bug with the beta, but about setting up the SSL protocol filtering properly in order for it to work. Thanks a lot!!!

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...