Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Wed 26 Nov 2014, 01:38
All times are UTC - 4
 Forum index » House Training » Users ( For the regulars )
Last Pass: Problem with ssl certificates and getting online
Moderators: Flash, Ian, JohnMurga
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
Page 1 of 1 Posts_count  
Author Message
redandwhitestripes

Joined: 02 Jan 2009
Posts: 124

PostPosted: Fri 16 Aug 2013, 13:10    Post_subject:  Last Pass: Problem with ssl certificates and getting online
Sub_title: With a portable app from Last Pass
 

Hi guys,
I’m still running Precise on a frugal install.

I’m using a superb app called Last Pass, which is a vault for all passwords and uses encryption and various security measures. It features a portable app (called Pocket) that works from a USB so the user can login from a different computer and still be safe.

I’m test driving the portable app from home and it says it "cannot access internet, error frameopen(2)"


The debug from the console reads:
Quote:

./pocket -d

(pocket:14336): Gtk-CRITICAL **: IA__gtk_widget_set_size_request: assertion ‘height >= -1' failed
Handling POST
* error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none

Linux HTTP(S) Post failed
Code: 0 Error String: Error
Handling POST
* error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none

Linux HTTP(S) Post failed
Code: 0 Error String: Error
^C


Now after some research I gather this is something to do with certificate validation. Last Pass themselves suggest running
.
Quote:
Run 'sudo apt-get install ca-certificates libssl0.9.8' to update necessary packages



But of course I can’t do that. I’ve tried a few manual installs for libssl0.9.8 from debian sites but I still get the same problem.

An OSX user has had the same problem, it has been resolved but I can't follow the tech jargon: https://forums.lastpass.com/viewtopic.php?t=719

Can anyone help?

Many thanks,
Greg
Back to top
View user's profile Send_private_message 
Semme

Joined: 07 Aug 2011
Posts: 4050
Location: World_Hub

PostPosted: Fri 16 Aug 2013, 14:06    Post_subject:  

Hello Greg,

You might have an update-ca-certificates script in /usr/sbin. Click it, then try your app.

If it's still a no-show, you should find this in PPM >> ca-certificates_20111211_all.deb
Back to top
View user's profile Send_private_message 
redandwhitestripes

Joined: 02 Jan 2009
Posts: 124

PostPosted: Fri 16 Aug 2013, 19:54    Post_subject:  

Thanks, I found the file and clicked it but no change. I serached google for that package you suggest as I couldn't find it in PPM. I installed it but still....

Quote:
(pocket:28910): Gtk-CRITICAL **: IA__gtk_widget_set_size_request: assertion `height >= -1' failed
Handling POST
* error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none

Linux HTTP(S) Post failed
Code: 0 Error String: Error
Handling POST
* error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none

Linux HTTP(S) Post failed
Code: 0 Error String: Error
Back to top
View user's profile Send_private_message 
Semme

Joined: 07 Aug 2011
Posts: 4050
Location: World_Hub

PostPosted: Fri 16 Aug 2013, 20:33    Post_subject:  

That PPM didn't have the pkg suggests you update.

As for the certs, this dumps what: curl -S https://lastpass.com

Since I've gotta be in bed early tonight, I'll leave you with a few suggestions..

And others that may fly >> caextract and sslcerts.

FF >> http://www.cyberciti.biz/faq/firefox-adding-trusted-ca/

==

What else you keep on this usb?

Your browser of choice?

==

Ahhh.. as I thought. The FF extension logs in without incident.

I suspect Pocket is expecting them somewhere they're not..
Back to top
View user's profile Send_private_message 
redandwhitestripes

Joined: 02 Jan 2009
Posts: 124

PostPosted: Sat 17 Aug 2013, 08:29    Post_subject:  

Thanks for your time. I followed the links you gave but SSL certification is something I have only a layman's knowledge of, so I can't link the information to my problem.

I found a directory /usr/share/ca-certificates and symlinked everything there to /etc/ssl/certs but still......

Quote:
(pocket:15343): Gtk-CRITICAL **: IA__gtk_widget_set_size_request: assertion `height >= -1' failed
Handling POST
* error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none

Linux HTTP(S) Post failed
Code: 0 E(pocket:15343): Gtk-CRITICAL **: IA__gtk_widget_set_size_request: assertion `height >= -1' failed
Handling POST
* error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none

Linux HTTP(S) Post failed
Code: 0 Error String: Error
Handling POST
* error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none

Linux HTTP(S) Post failed
Code: 0 Error String: Errorrror String: Error
Handling POST
* error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none

Linux HTTP(S) Post failed
Code: 0 Error String: Error




I keep various other items on the USB, films, leters, etc. I've also installed Firefox Portable for Windows

Crying or Very sad
Back to top
View user's profile Send_private_message 
pemasu


Joined: 08 Jul 2009
Posts: 5465
Location: Finland

PostPosted: Sat 17 Aug 2013, 10:00    Post_subject:  

http://murga-linux.com/puppy/viewtopic.php?p=713154#713154
Back to top
View user's profile Send_private_message 
redandwhitestripes

Joined: 02 Jan 2009
Posts: 124

PostPosted: Sat 17 Aug 2013, 12:47    Post_subject:  

That's worked Pemsu, thank you SO much, and thank you again Semme Cool
Back to top
View user's profile Send_private_message 
redandwhitestripes

Joined: 02 Jan 2009
Posts: 124

PostPosted: Sun 18 Aug 2013, 01:01    Post_subject:  

OK on the same note, I'm now testing a second lastpass app called 'sesame', it's useful is it allows users to use their smartphone UUID only as a second layer of authentication.

The debug is now feeding me:

Quote:
Connected to lastpass.com (128.121.22.133) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
* Closing connection #0
Linux HTTP(S) Post failed
Code: 0 Error String: Peer certificate cannot be authenticated with known CA certificates
Handling POST
* About to connect() to lastpass.com port 443 (#0)
* Trying 38.127.167.7... * connected
* Connected to lastpass.com (38.127.167.7) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
* Closing connection #0
Linux HTTP(S) Post failedConnected to lastpass.com (128.121.22.133) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
* Closing connection #0
Linux HTTP(S) Post failed
Code: 0 Error String: Peer certificate cannot be authenticated with known CA certificates
Handling POST
* About to connect() to lastpass.com port 443 (#0)
* Trying 38.127.167.7... * connected
* Connected to lastpass.com (38.127.167.7) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
* Closing connection #0
Linux HTTP(S) Post failed
Code: 0 Error String: Peer certificate cannot be authenticated with known CA certificates



I can see this is a certificate issue but I've manually typed the update command in the console.

Any suggestions? I've also reported the problem to lastpass.
Back to top
View user's profile Send_private_message 
Display_posts:   Sort by:   
Page 1 of 1 Posts_count  
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
 Forum index » House Training » Users ( For the regulars )
Jump to:  

Rules_post_cannot
Rules_reply_cannot
Rules_edit_cannot
Rules_delete_cannot
Rules_vote_cannot
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0743s ][ Queries: 12 (0.0048s) ][ GZIP on ]