Janus 210 Posted June 13, 2013 Share Posted June 13, 2013 Hello Eset Issue: Roboform can't connect/synchronize to Roboform Everywhere cloud, when "Always Scan ssl protocol" is enabled.When disabling "Always scan ssl" and then set back to Do not scan ssl protocol, then will Roboform synchronize Again (Excluding Roboform from protocol filtering helps, but should not be a long time solution. With Ess 6x no issue) Data : Windows 8 64 bit full patch. IE10 version 27.01453.110m. Eset Smart Secyrity Beta 7.0.28.0. Roboform Everywhere version: 7.8.9.5. SHA1: 668998849768c68f5a2464c6b54bd9f8b1a30d28 MD5: 6291b03c4e6b0109c2034971c7efce05 (Source to md5/sha1, Virus total.) Regards, Janus Link to comment Share on other sites More sharing options...
Administrators Marcos 4,704 Posted June 13, 2013 Administrators Share Posted June 13, 2013 Are you able to open and browse https websites via Internet Explorer with SSL scanning enabled? Link to comment Share on other sites More sharing options...
Janus 210 Posted June 13, 2013 Author Share Posted June 13, 2013 (edited) Yes no problem at all, can surf flawlessness on https with IE 10, even my banks website :-)) ....Just a quick update: same problem as mentioned above, when using the settings mentioned, and with the same browser, but now, also on Windows 7 64 bit platform. Regards, Janus Edited June 13, 2013 by Janus Link to comment Share on other sites More sharing options...
hansen 0 Posted June 18, 2013 Share Posted June 18, 2013 Thanks Janus for reporting this. Sees the same error in Chrome 27.01 and Ie 10, windows 7 32 bit, when I try to synchronise Roboform v. 7.8.9.5 to Everywhere online account. So to sum it up: Always scan ssl=not synchronising to online account.....Disabling Always scan ssl = online account Works. Thanks Link to comment Share on other sites More sharing options...
ESET Insiders puff-m-d 120 Posted June 18, 2013 ESET Insiders Share Posted June 18, 2013 (edited) Hello, I had to add the certificate for online.roboform.com to "Excluded certificates" in order to get it to work while leaving "Always scan SSL protocol" enabled... It does show as a valid/good certificate in ESS but SSL scanning just does not want to work with it... Edited June 18, 2013 by puff-m-d Link to comment Share on other sites More sharing options...
ESET Insiders puff-m-d 120 Posted June 18, 2013 ESET Insiders Share Posted June 18, 2013 Hello, Please bear with me if I ask any ignorant questions as I am not too very well knowledgeable in the area of SSL. I have the same issue also with Trillian instant messenger. In order to keep "Always scan SSL protocol" enabled and for Trillian to work, I have to add all certificates involved to "Excluded certificates". As far as I know I have everything set up correctly. I know in the case of browsers, ESS installs its own certificate into the browser. Could this issue stem from ESS not being able to install its certificate into a third party app such as RoboForm or Trillian? Is much security lost by excluding certificates? I assume ESS will still stop the malware but just later in the process after the data in decrypted... Link to comment Share on other sites More sharing options...
ESET Insiders puff-m-d 120 Posted June 19, 2013 ESET Insiders Share Posted June 19, 2013 Hello, I am also getting a lot of TLS handshake failures when using SSL protocol filtering with my email client The Bat! : 6/19/2013, 11:21:58: FETCH - receiving mail messages 6/19/2013, 11:21:58: FETCH - Connecting to POP3 server pop.gmail.com on port 995 6/19/2013, 11:21:58: FETCH - Couldn't connect to 2607:f8b0:400c:c02::6d trying subsequent addresses... 6/19/2013, 11:21:58: FETCH - Connecting to 173.194.73.109... 6/19/2013, 11:21:58: FETCH - Initiating TLS handshake>6/19/2013, 11:21:59: FETCH - Certificate S/N: 64, algorithm: RSA (512 bits), issued from 6/12/2013 4:58:44 AM to 6/7/2033 4:58:44 AM, for 1 host(s): pop.gmail.com.>6/19/2013, 11:21:59: FETCH - Owner: US, California, Mountain View, Google Inc, pop.gmail.com.>6/19/2013, 11:21:59: FETCH - Root: EN, root.antispamsniper.com 6/19/2013, 11:21:59: FETCH - TLS handshake complete 6/19/2013, 11:21:59: FETCH - connected to POP3 server 6/19/2013, 11:21:59: FETCH - authenticated (plain) 6/19/2013, 11:22:00: FETCH - 0 messages in the mailbox, 0 new 6/19/2013, 11:22:00: FETCH - connection finished - 0 messages received 6/19/2013, 11:32:00: FETCH - receiving mail messages 6/19/2013, 11:32:00: FETCH - Connecting to POP3 server pop.gmail.com on port 995 6/19/2013, 11:32:00: FETCH - Couldn't connect to 2607:f8b0:400c:c02::6c trying subsequent addresses... 6/19/2013, 11:32:00: FETCH - Connecting to 173.194.73.108... 6/19/2013, 11:32:01: FETCH - Initiating TLS handshake!6/19/2013, 11:32:01: FETCH - TLS handshake failure. An existing connection was forcibly closed by the remote host This issue happens about 2 out of 3 times when retrieving emails from Google. I also use two other email providers with no issues (also with SSL). If I disable SSL protocol filtering then the issue goes away... I also noticed from above that it is never able to connect to an IPv6 address while SSL protocol filtering is enabled. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,704 Posted June 19, 2013 Administrators Share Posted June 19, 2013 Hello, Please bear with me if I ask any ignorant questions as I am not too very well knowledgeable in the area of SSL. I have the same issue also with Trillian instant messenger. In order to keep "Always scan SSL protocol" enabled and for Trillian to work, I have to add all certificates involved to "Excluded certificates". As far as I know I have everything set up correctly. I know in the case of browsers, ESS installs its own certificate into the browser. Could this issue stem from ESS not being able to install its certificate into a third party app such as RoboForm or Trillian? Is much security lost by excluding certificates? I assume ESS will still stop the malware but just later in the process after the data in decrypted... If a 3rd party application uses the Trusted Root Certification Authorities certificate store, then it will work. Otherwise import of the root certificate must be supported specifically for the application. Firefox and Thunderbid use their own TRCA certificate store but are supported, hence SSL scanning works. Link to comment Share on other sites More sharing options...
ESET Insiders puff-m-d 120 Posted June 19, 2013 ESET Insiders Share Posted June 19, 2013 Thanks Marcos, OK, if I understand it all correctly, it explains why the "Always scan SSL protocol" does not work with a lot of third party apps. I also assume this explains why when you have it set to "Ask about non-visited sites" and then using "Trusted certificates" does not work either. In these instances the only option left is to add the certificates in question to the "Excluded certificates". Is my understanding correct? If so, I now know how to go about setting it up properly. It seems this thread is not about a bug with the beta, but about setting up the SSL protocol filtering properly in order for it to work. Thanks a lot!!! Link to comment Share on other sites More sharing options...
Recommended Posts