SSL certificate validation failed.

[Baloue]

Hello all,

I have exactly the same issue, I can't ask to my compagnie to update the firewall rule, that's really a stupid things.
As I really need to have a password manager and I really appreciate ENPASS, but if there is no fix soon, I'll move to another one.

There is no news from ENPASS teams, please can you give a feedback on this topic?

Best Regards

[Mohit Thapa]

I extend my sincere apologies for any inconvenience caused and want to update you that the Enpass Technical team is actively looking into the issue. As part of this investigation, I have been assigned to gather additional information from users here, enabling us to conduct a more comprehensive analysis. Your cooperation and input in this matter are highly valued and appreciated-

Can you launch https://license.enpass.io in a browser and share the certificate details? It should have same fingerprint as in the image below:
 

 

[GregW]

Our company uses Netskope Root CA's and SSL decryption which means this change prevents Enpass being used on work laptops. With this change you have just lost a large segment of your corporate customers.

[Baloue]

On 12/21/2023 at 4:43 PM, Mohit Thapa said:

I extend my sincere apologies for any inconvenience caused and want to update you that the Enpass Technical team is actively looking into the issue. As part of this investigation, I have been assigned to gather additional information from users here, enabling us to conduct a more comprehensive analysis. Your cooperation and input in this matter are highly valued and appreciated-

Can you launch https://license.enpass.io in a browser and share the certificate details? It should have same fingerprint as in the image below:
 

 

Hello @Mohit Thapa,

Thank you for helping, can you explain how yo display the certificate with edge?

By the way, for now I use the old portable version without the encryption and works better;)

[Ivarson]

On 12/21/2023 at 4:43 PM, Mohit Thapa said:

I extend my sincere apologies for any inconvenience caused and want to update you that the Enpass Technical team is actively looking into the issue. As part of this investigation, I have been assigned to gather additional information from users here, enabling us to conduct a more comprehensive analysis. Your cooperation and input in this matter are highly valued and appreciated-

Can you launch https://license.enpass.io in a browser and share the certificate details? It should have same fingerprint as in the image below:
 

 

 

Just tell the devs to stop this malarcy with. It's redicioulus esp. with Enpass going Enterprise.

Pinning was introduced after a security audit you had done prior to Enpass Business, but surely you fixed the real issues that came to light?

Continuing SSL/TLS-pinning for now is just security by obscurity :-)

[vortex635]

Been using Enpass macOS on my work laptop with ZScaler for several years.

Today, I go to open my vault and am met with this same error. Tried on and off corporate VPN, same result.

If it weren't for the fact that I found the vault.enpassdbsync file on my macOS filesystem, exported it, and opened it on another machine, I would be locked out of all my critical work passwords that I rely on daily with no recourse.

Thank god I recovered my vault on another machine. Now I can export the passwords and sprint away from Enpass permanently, given several other users have reported being locked out in recent days/weeks with no apparent solution in sight.

This is the moment you learn that you would've been better off using sticky notes than trusting Enpass, regardless of how well it worked up until it didn't.

[Baloue]

Dear team,

do you have news on this blocking issue?

 

[g33k247]

add me to the list of disgruntled users that can't use Enpass on a new corporate LT because my employer uses Zscaler

[Baloue]

Hello, 

Still now no news, do you have an alternative to replace enpass?

[cuco]

I tried https://license.enpass.io/ and it just shows "not found". That's it. No certificate popup.

[johnq]

On 12/21/2023 at 3:43 PM, Mohit Thapa said:

I extend my sincere apologies for any inconvenience caused and want to update you that the Enpass Technical team is actively looking into the issue. As part of this investigation, I have been assigned to gather additional information from users here, enabling us to conduct a more comprehensive analysis. Your cooperation and input in this matter are highly valued and appreciated-

Can you launch https://license.enpass.io in a browser and share the certificate details? It should have same fingerprint as in the image below:
 

 

Why should we engage in this at all? Enpass needs to stop this altogether. You advertised your software as working offline. What you are doing here is a complete rug pull  by having your softwatre call home online and refuse to start. Users will not be able to trust you. For example, I no longer trust you that Enpass doesn't send any other data home.

Either make your software work offline like you advertised it, or admit that your software does not actually work fully offline, that users can get locked out (as demonstrated in this thread), and that you cannot guarantee what data Enpass is sending back when it calls home online.

This is beyond disappointing.

[AnakinCaesar]

16 hours ago, cuco said:

I tried https://license.enpass.io/ and it just shows "not found". That's it. No certificate popup.

The popup doesnt show automatically. Depending on your browser you have to click on a specific part in the adressbar to get to see the certificate.

[poorguy]

Please update the software with new SSL certification

The problem is solved, thanks!

Edited January 17 by poorguy

[Baloue]

4 hours ago, poorguy said:

Please update the software with new SSL certification

The problem is solved, thanks!

Not for me

[cuco]

@Mohit Thapa I send you a pm. I have no update since Januar, 17. and the problem still exists.

 

 

Edited January 24 by cuco

[Baloue]

Hello all,

Honestly, I'm disappointed by the support and the follow-up of this issue created by the dev them-self.
It can take low time to reverse this functionality and give time to check.

 

 

[GregW]

On 1/17/2024 at 12:15 AM, poorguy said:

Please update the software with new SSL certification

The problem is solved, thanks!

I'm using version 6.9.3.1592 from the app store. It does not work.

[Christian Martin]

Hello Dewan,

we are running in the same problem - we are using SSL inspection.

Do you have a list of FQDNs or IP that we can exclude to be successful?

Regards

Christian

[Christian Martin]

It does not work.

Is a new version planned that solves the problem?

Or is it possible to exclude FQDNs or IPs

 

[Darius]

It is sad... Enpass is going to lose more and more customers (particularly business / corporate) because of this.

[Leonid Feldman]

Any news ?

[Leonid Feldman]

?

[Amandeep Kumar]

Hey All, 
I'd like to take this opportunity to inform you that our development team is already aware of this issue and is actively working on refining the pinning architecture. Rest assured, we have fixed the issue, and the solution will be included in the upcoming Enpass Builds. Before the official release, we will also provide access to the beta version. Once it's available, I'll notify you here. We appreciate your patience in the meantime.
#SI-3465

[Baloue]

Thank you for letting us know, but unfortunately, it's too late for me.
Since I haven't received any news, answers, or workarounds from you since December 2023, I've already switched to another password manager.

I'm sorry, but despite the fact that you have a nice product, I had to find a solution that meets my needs.