Code signature could not be verified (Windows) after Chrome auto-updated

Hi,

After Chrome (win 8.1 pro) updated itself to version 48.0.2564.116 m, I've been getting the "Code signature could not be verified” error dialogue all the time. I went through the trouble shooting guide... disabled mcafee enterprise security and restarted the 1password helper.

https://support.1password.com/invalid-code-signature-win/

I'd prefer to not disable code signature verification.

Is this a known issue? Did Chrome break something?

Thanks,
Chris

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni

    @pdxtopher: Unless Chrome itself is damaged (unlikely), this isn't a Chrome or 1Password issue; rather, a common problem is that "security" software modifies the browser or prevents 1Password from communicating with it to verify that it is legitimate. It is likely that Mcafee is interfering, and setting up an exception for 1Password will allow it to do its job. Please let me know what you find. I look forward to hearing back from you! :)

  • tby
    tby
    Community Member

    Also having this problem after Chrome updated to 48.0.2564.116 m this morning. I'm running Sophos Home and adding an exception for 127.0.0.1 resolved the issue. Please consider using a different loopback address in the future -- I'd rather not have a blanket exception for the most widely-used loopback address when there are 16,777,213 others to choose from.

  • MikeT
    edited February 2016

    Hi @tby,

    This is the commonly used because majority of the systems resolve localhost to this loopback address, which is what we need for 1Password extensions to communicate to 1Password Helper on the same system. Changing the standard IP address would often cause additional problems down the line.

    We would like to avoid using localhost/loopback in the future but for now, there's no universal replacement we can use that works better than this solution.

  • pdxtopher
    pdxtopher
    Community Member
    edited February 2016

    @brenty ok thanks... I temporarily disabled the security and it didn't change anything so I thought it might not be the security software. unfortunately it's enterprise s/w and I have no idea how to add an exception. :(

    I just installed Firefox (fresh download this morning) and the 1Password functionality works no problem. Does that tell you anything?

    Thanks,
    Chris

  • tby
    tby
    Community Member

    @MikeT, probably shouldn't use 'localhost' when you mean '127.0.0.1' either. I can't think of a terribly good reason why someone would change it to resolve to something else... but on most operating systems it can be changed in the hosts file.

  • Hi guys,

    @pdxtopher:

    I just installed Firefox (fresh download this morning) and the 1Password functionality works no problem. Does that tell you anything?

    It does mean the security software isn't the cause. This will be difficult to narrow down quickly here without seeing the 1Password diagnostics report.

    Please use this guide to generate the report and email it to us at support+windows@agilebits.com. Also, in the email, include the link to this thread along with your forum username, so that we can connect the email to this thread.

    Let us know here when you've sent it, so we can confirm we got the email.

    @tby:

    probably shouldn't use 'localhost' when you mean '127.0.0.1' either.

    It's not just us, we also have to rely on the third party stacks; such as the browser APIs, its websocket communication stacks, and so on. It also has to deal with various proxy solutions doesn't work on localhost but works on 127.0.0.1 and so on. Some uses localhost when they mean 127.0.0.1, some uses the other way around. Not to mention, the extensions are also the same on various platforms.

    We have to go with a solution that works for nearly all of our customers and this is the best solution we have. We can't make this complex and tell customers to change it in the hosts file to make it work. In several years, this worked just fine for almost all of our customers and thus, we have no plans to change this until we find a solution that's universal and works better than the current one. There is some news that in Chrome, we could use a different API that does not rely on websockets and IP address such as Native Messaging APIs. Again, this isn't a universal solution, only works for Chrome for now but it could lead to a standard that works in all major browsers.

  • pdxtopher
    pdxtopher
    Community Member

    @MikeT OK will-do, thank you.

  • You're welcome. Don't forget to let us know you sent it, so we can confirm we got the email.

  • pdxtopher
    pdxtopher
    Community Member

    @MikeT Email sent.

  • Thanks, we got the report and will reply as soon as we analyze the report.

    ref: ZZC-28388-851

This discussion has been closed.