Can't sign into 1Password app (SSL error)

JessicaGJessicaG
edited March 2017 in Mac

I've been using 1Password successfully for a couple of months now, but I recently discovered that the 1Password app on my Mac had stopped syncing with my account. I can still sign in through the web and through the iOS apps on my iPhone and iPad, but after discovering the syncing issue and trying to sign out and back into my Mac app I now get an SSL error every time I try to sign back into the Mac app, meaning I can no longer access my 1Password account via the app. According to my account on the web, my vaults were last updated on February 12, but I had changed passwords in the app as recently as February 24. What makes this incredibly frustrating is that I had just started changing a lot of passwords in reaction to the CloudFlare issue, and none of those changed passwords synced to my account, meaning I'm locked out of several websites until I can get back into the Mac app and get everything syncing again.

I emailed support about this on Friday and again on Saturday but have not received a case number or any other response beyond the initial automated reply, so I'm attempting to reach someone via the forums. Please help me get the Mac app working again on my machine!


1Password Version: 6.6.1
Extension Version: 4.6.3
OS Version: 10.12.3
Sync Type: 1Password

ref: SAG-85239-132

Comments

  • I'm frustrated with the lack of support I got on this issue, but after four days of research and trial and error, I fixed this on my own. I discovered that while my usual browser, Firefox, could visit [myURL].1password.com with no problems, both Safari and Chrome were giving me a certificate error for that URL ("This certificate has an invalid issuer").

    I ended up finding the help I needed here: https://apple.stackexchange.com/questions/257080/how-to-tell-why-macos-thinks-that-a-certificate-is-revoked

    I entered the command I found there into Terminal (pasted below) and restarted my machine. The 1Password app was able to start again normally at this point, though I found that I had lost all of the changes I'd made since February 12 when my accounts stopped syncing.

    This is the command I used to flush my certificate cache:

    sqlite3 ~/Library/Keychains/*/ocspcache.sqlite3 'DELETE FROM responses WHERE responderURI LIKE "%http://%.globalsign.com/%";'

  • detlevskidetlevski Junior Member

    Thanks for helping other people out with this solution

  • This problem absorbed a lot of my morning trying to get the subscription version up and running so many thanks for posting the solution you found as it worked perfectly for me as well.

  • brentybrenty

    Team Member
    edited March 2017

    @JessicaG: That does sound frustrating! I see that Laura replied yesterday, but only after you were able to figure things out yourself. That's actually a good thing, because it isn't something we could actually fix anyway. I'm still sorry that you ran into this issue though, and I'm glad that you were able to repair your macOS Keychain to get SSL working normally for you again. And it was very kind of you to share it here so that others could benefit. As you noted, Firefox uses its own certificate store, so it wouldn't be affected by a problem with the system's CA cache. If 1Password can't validate the certificate chain, we don't want it allow the connection, since that would put all of us at risk.

    ref: SAG-85239-132

This discussion has been closed.