Last Pass: Problem with ssl certificates and getting online

Using applications, configuring, problems
Post Reply
Message
Author
redandwhitestripes
Posts: 179
Joined: Fri 02 Jan 2009, 06:49

Last Pass: Problem with ssl certificates and getting online

#1 Post by redandwhitestripes »

Hi guys,
I’m still running Precise on a frugal install.

I’m using a superb app called Last Pass, which is a vault for all passwords and uses encryption and various security measures. It features a portable app (called Pocket) that works from a USB so the user can login from a different computer and still be safe.

I’m test driving the portable app from home and it says it "cannot access internet, error frameopen(2)"


The debug from the console reads:
./pocket -d

(pocket:14336): Gtk-CRITICAL **: IA__gtk_widget_set_size_request: assertion ‘height >= -1' failed
Handling POST
* error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none

Linux HTTP(S) Post failed
Code: 0 Error String: Error
Handling POST
* error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none

Linux HTTP(S) Post failed
Code: 0 Error String: Error
^C
Now after some research I gather this is something to do with certificate validation. Last Pass themselves suggest running
.
Run 'sudo apt-get install ca-certificates libssl0.9.8' to update necessary packages

But of course I can’t do that. I’ve tried a few manual installs for libssl0.9.8 from debian sites but I still get the same problem.

An OSX user has had the same problem, it has been resolved but I can't follow the tech jargon: https://forums.lastpass.com/viewtopic.php?t=719

Can anyone help?

Many thanks,
Greg
Top
User avatar
Semme
Posts: 8399
Joined: Sun 07 Aug 2011, 20:07
Location: World_Hub

#2 Post by Semme »

Hello Greg,

You might have an update-ca-certificates script in /usr/sbin. Click it, then try your app.

If it's still a no-show, you should find this in PPM >> ca-certificates_20111211_all.deb
Top
redandwhitestripes
Posts: 179
Joined: Fri 02 Jan 2009, 06:49

#3 Post by redandwhitestripes »

Thanks, I found the file and clicked it but no change. I serached google for that package you suggest as I couldn't find it in PPM. I installed it but still....
(pocket:28910): Gtk-CRITICAL **: IA__gtk_widget_set_size_request: assertion `height >= -1' failed
Handling POST
* error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none

Linux HTTP(S) Post failed
Code: 0 Error String: Error
Handling POST
* error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none

Linux HTTP(S) Post failed
Code: 0 Error String: Error
Top
User avatar
Semme
Posts: 8399
Joined: Sun 07 Aug 2011, 20:07
Location: World_Hub

#4 Post by Semme »

That PPM didn't have the pkg suggests you update.

As for the certs, this dumps what: curl -S https://lastpass.com

Since I've gotta be in bed early tonight, I'll leave you with a few suggestions..

And others that may fly >> caextract and sslcerts.

FF >> http://www.cyberciti.biz/faq/firefox-adding-trusted-ca/

==

What else you keep on this usb?

Your browser of choice?

==

Ahhh.. as I thought. The FF extension logs in without incident.

I suspect Pocket is expecting them somewhere they're not..
Top
redandwhitestripes
Posts: 179
Joined: Fri 02 Jan 2009, 06:49

#5 Post by redandwhitestripes »

Thanks for your time. I followed the links you gave but SSL certification is something I have only a layman's knowledge of, so I can't link the information to my problem.

I found a directory /usr/share/ca-certificates and symlinked everything there to /etc/ssl/certs but still......
(pocket:15343): Gtk-CRITICAL **: IA__gtk_widget_set_size_request: assertion `height >= -1' failed
Handling POST
* error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none

Linux HTTP(S) Post failed
Code: 0 E(pocket:15343): Gtk-CRITICAL **: IA__gtk_widget_set_size_request: assertion `height >= -1' failed
Handling POST
* error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none

Linux HTTP(S) Post failed
Code: 0 Error String: Error
Handling POST
* error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none

Linux HTTP(S) Post failed
Code: 0 Error String: Errorrror String: Error
Handling POST
* error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none

Linux HTTP(S) Post failed
Code: 0 Error String: Error


I keep various other items on the USB, films, leters, etc. I've also installed Firefox Portable for Windows

:cry:
Top
User avatar
pemasu
Posts: 5474
Joined: Wed 08 Jul 2009, 12:26
Location: Finland

#6 Post by pemasu »

http://murga-linux.com/puppy/viewtopic. ... 154#713154
Top
redandwhitestripes
Posts: 179
Joined: Fri 02 Jan 2009, 06:49

#7 Post by redandwhitestripes »

That's worked Pemsu, thank you SO much, and thank you again Semme 8)
Top
redandwhitestripes
Posts: 179
Joined: Fri 02 Jan 2009, 06:49

#8 Post by redandwhitestripes »

OK on the same note, I'm now testing a second lastpass app called 'sesame', it's useful is it allows users to use their smartphone UUID only as a second layer of authentication.

The debug is now feeding me:
Connected to lastpass.com (128.121.22.133) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
* Closing connection #0
Linux HTTP(S) Post failed
Code: 0 Error String: Peer certificate cannot be authenticated with known CA certificates
Handling POST
* About to connect() to lastpass.com port 443 (#0)
* Trying 38.127.167.7... * connected
* Connected to lastpass.com (38.127.167.7) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
* Closing connection #0
Linux HTTP(S) Post failedConnected to lastpass.com (128.121.22.133) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
* Closing connection #0
Linux HTTP(S) Post failed
Code: 0 Error String: Peer certificate cannot be authenticated with known CA certificates
Handling POST
* About to connect() to lastpass.com port 443 (#0)
* Trying 38.127.167.7... * connected
* Connected to lastpass.com (38.127.167.7) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
* Closing connection #0
Linux HTTP(S) Post failed
Code: 0 Error String: Peer certificate cannot be authenticated with known CA certificates
I can see this is a certificate issue but I've manually typed the update command in the console.

Any suggestions? I've also reported the problem to lastpass.
Top
Post Reply

Return to “Users ( For the regulars )”