Baloue Posted December 20, 2023 Report Share Posted December 20, 2023 Hello all, I have exactly the same issue, I can't ask to my compagnie to update the firewall rule, that's really a stupid things. As I really need to have a password manager and I really appreciate ENPASS, but if there is no fix soon, I'll move to another one. There is no news from ENPASS teams, please can you give a feedback on this topic? Best Regards Link to comment Share on other sites More sharing options...
Mohit Thapa Posted December 21, 2023 Report Share Posted December 21, 2023 I extend my sincere apologies for any inconvenience caused and want to update you that the Enpass Technical team is actively looking into the issue. As part of this investigation, I have been assigned to gather additional information from users here, enabling us to conduct a more comprehensive analysis. Your cooperation and input in this matter are highly valued and appreciated- Can you launch https://license.enpass.io in a browser and share the certificate details? It should have same fingerprint as in the image below: Link to comment Share on other sites More sharing options...
GregW Posted January 2 Report Share Posted January 2 Our company uses Netskope Root CA's and SSL decryption which means this change prevents Enpass being used on work laptops. With this change you have just lost a large segment of your corporate customers. Link to comment Share on other sites More sharing options...
Baloue Posted January 3 Report Share Posted January 3 On 12/21/2023 at 4:43 PM, Mohit Thapa said: I extend my sincere apologies for any inconvenience caused and want to update you that the Enpass Technical team is actively looking into the issue. As part of this investigation, I have been assigned to gather additional information from users here, enabling us to conduct a more comprehensive analysis. Your cooperation and input in this matter are highly valued and appreciated- Can you launch https://license.enpass.io in a browser and share the certificate details? It should have same fingerprint as in the image below: Hello @Mohit Thapa, Thank you for helping, can you explain how yo display the certificate with edge? By the way, for now I use the old portable version without the encryption and works better;) Link to comment Share on other sites More sharing options...
Ivarson Posted January 3 Report Share Posted January 3 On 12/21/2023 at 4:43 PM, Mohit Thapa said: I extend my sincere apologies for any inconvenience caused and want to update you that the Enpass Technical team is actively looking into the issue. As part of this investigation, I have been assigned to gather additional information from users here, enabling us to conduct a more comprehensive analysis. Your cooperation and input in this matter are highly valued and appreciated- Can you launch https://license.enpass.io in a browser and share the certificate details? It should have same fingerprint as in the image below: Just tell the devs to stop this malarcy with. It's redicioulus esp. with Enpass going Enterprise. Pinning was introduced after a security audit you had done prior to Enpass Business, but surely you fixed the real issues that came to light? Continuing SSL/TLS-pinning for now is just security by obscurity :-) Link to comment Share on other sites More sharing options...
vortex635 Posted January 3 Report Share Posted January 3 Been using Enpass macOS on my work laptop with ZScaler for several years. Today, I go to open my vault and am met with this same error. Tried on and off corporate VPN, same result. If it weren't for the fact that I found the vault.enpassdbsync file on my macOS filesystem, exported it, and opened it on another machine, I would be locked out of all my critical work passwords that I rely on daily with no recourse. Thank god I recovered my vault on another machine. Now I can export the passwords and sprint away from Enpass permanently, given several other users have reported being locked out in recent days/weeks with no apparent solution in sight. This is the moment you learn that you would've been better off using sticky notes than trusting Enpass, regardless of how well it worked up until it didn't. Link to comment Share on other sites More sharing options...
Baloue Posted January 4 Report Share Posted January 4 Dear team, do you have news on this blocking issue? Link to comment Share on other sites More sharing options...
g33k247 Posted January 8 Report Share Posted January 8 add me to the list of disgruntled users that can't use Enpass on a new corporate LT because my employer uses Zscaler Link to comment Share on other sites More sharing options...
Baloue Posted January 11 Report Share Posted January 11 Hello, Still now no news, do you have an alternative to replace enpass? Link to comment Share on other sites More sharing options...
cuco Posted January 15 Report Share Posted January 15 I tried https://license.enpass.io/ and it just shows "not found". That's it. No certificate popup. Link to comment Share on other sites More sharing options...
johnq Posted January 15 Report Share Posted January 15 On 12/21/2023 at 3:43 PM, Mohit Thapa said: I extend my sincere apologies for any inconvenience caused and want to update you that the Enpass Technical team is actively looking into the issue. As part of this investigation, I have been assigned to gather additional information from users here, enabling us to conduct a more comprehensive analysis. Your cooperation and input in this matter are highly valued and appreciated- Can you launch https://license.enpass.io in a browser and share the certificate details? It should have same fingerprint as in the image below: Why should we engage in this at all? Enpass needs to stop this altogether. You advertised your software as working offline. What you are doing here is a complete rug pull by having your softwatre call home online and refuse to start. Users will not be able to trust you. For example, I no longer trust you that Enpass doesn't send any other data home. Either make your software work offline like you advertised it, or admit that your software does not actually work fully offline, that users can get locked out (as demonstrated in this thread), and that you cannot guarantee what data Enpass is sending back when it calls home online. This is beyond disappointing. 1 Link to comment Share on other sites More sharing options...
AnakinCaesar Posted January 16 Report Share Posted January 16 16 hours ago, cuco said: I tried https://license.enpass.io/ and it just shows "not found". That's it. No certificate popup. The popup doesnt show automatically. Depending on your browser you have to click on a specific part in the adressbar to get to see the certificate. Link to comment Share on other sites More sharing options...
poorguy Posted January 17 Report Share Posted January 17 (edited) Please update the software with new SSL certification The problem is solved, thanks! Edited January 17 by poorguy Link to comment Share on other sites More sharing options...
Baloue Posted January 17 Report Share Posted January 17 4 hours ago, poorguy said: Please update the software with new SSL certification The problem is solved, thanks! Not for me Link to comment Share on other sites More sharing options...
cuco Posted January 24 Report Share Posted January 24 (edited) @Mohit Thapa I send you a pm. I have no update since Januar, 17. and the problem still exists. Edited January 24 by cuco Link to comment Share on other sites More sharing options...
Baloue Posted January 25 Report Share Posted January 25 Hello all, Honestly, I'm disappointed by the support and the follow-up of this issue created by the dev them-self. It can take low time to reverse this functionality and give time to check. Link to comment Share on other sites More sharing options...
GregW Posted January 29 Report Share Posted January 29 On 1/17/2024 at 12:15 AM, poorguy said: Please update the software with new SSL certification The problem is solved, thanks! I'm using version 6.9.3.1592 from the app store. It does not work. Link to comment Share on other sites More sharing options...
Christian Martin Posted February 1 Report Share Posted February 1 Hello Dewan, we are running in the same problem - we are using SSL inspection. Do you have a list of FQDNs or IP that we can exclude to be successful? Regards Christian Link to comment Share on other sites More sharing options...
Christian Martin Posted February 1 Report Share Posted February 1 It does not work. Is a new version planned that solves the problem? Or is it possible to exclude FQDNs or IPs Link to comment Share on other sites More sharing options...
Darius Posted February 7 Report Share Posted February 7 It is sad... Enpass is going to lose more and more customers (particularly business / corporate) because of this. Link to comment Share on other sites More sharing options...
Leonid Feldman Posted March 13 Report Share Posted March 13 Any news ? Link to comment Share on other sites More sharing options...
Leonid Feldman Posted March 15 Report Share Posted March 15 ? Link to comment Share on other sites More sharing options...
Amandeep Kumar Posted March 19 Report Share Posted March 19 Hey All, I'd like to take this opportunity to inform you that our development team is already aware of this issue and is actively working on refining the pinning architecture. Rest assured, we have fixed the issue, and the solution will be included in the upcoming Enpass Builds. Before the official release, we will also provide access to the beta version. Once it's available, I'll notify you here. We appreciate your patience in the meantime. #SI-3465 Link to comment Share on other sites More sharing options...
Baloue Posted March 21 Report Share Posted March 21 Thank you for letting us know, but unfortunately, it's too late for me. Since I haven't received any news, answers, or workarounds from you since December 2023, I've already switched to another password manager. I'm sorry, but despite the fact that you have a nice product, I had to find a solution that meets my needs. 1 Link to comment Share on other sites More sharing options...
kvinar Posted May 23 Report Share Posted May 23 On 3/19/2024 at 12:46 PM, Amandeep Kumar said: Hey All, I'd like to take this opportunity to inform you that our development team is already aware of this issue and is actively working on refining the pinning architecture. Rest assured, we have fixed the issue, and the solution will be included in the upcoming Enpass Builds. Before the official release, we will also provide access to the beta version. Once it's available, I'll notify you here. We appreciate your patience in the meantime. #SI-3465 Hi, could you pls provide update regarding the release? We have zScaler now and it means I'm fully out of my all passwords. That's really big issue for me and as I can see in the thread, for plenty of others as well. Please help. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now