Safepay Doesn't Open Digital Certificate

Hello Bitdefender team


I bought the Internet Security 2013 just yesterday. I am a returning customer becuase I was always satisfied with Bitdefender.


The only problem I have for now is loging into my web bank account. On IE everythinks works ok but not under Safepay.


The bank web page opens normally. When I click to open my account I must receive digital certificate confirmation to continue with authorisation but that doesn't happen.


Any help is greatly appreciated.


Regards,


Gorazd

Comments

  • Pisaneli
    edited September 2012

    Hi guys


    Doesn't anyone have an idea how to resolve this?


    Regards,


    Gorazd

  • camarie
    camarie Principal Software Developer BD Staff
    Hello Bitdefender team


    I bought the Internet Security 2013 just yesterday. I am a returning customer becuase I was always satisfied with Bitdefender.


    The only problem I have for now is loging into my web bank account. On IE everythinks works ok but not under Safepay.


    The bank web page opens normally. When I click to open my account I must receive digital certificate confirmation to continue with authorisation but that doesn't happen.


    Any help is greatly appreciated.


    Regards,


    Gorazd


    Can you tell me which is the bank domain? My first idea is that the certificate used by the bank to authorize access is not seen by Safepay.


    I don't know an all-purpose mechanism used by banks for certificate authentication, but I suppose this is happening:


    - the certiifcate is generated by the bank for a specific browser and possibly also operating system (say Windows version x and Internet Explorer, for example), and can be used only by the browser used to generate the certificate


    - the certificate is then downloaded on the computer intended to use


    - the certificate is stored in a location either not seen by Safepay, or not used (is not intended to be used by other browser)


    I know is a little bit too much information here, perhaps, but can you let me know more details about this? For example, if you use Firefox, Chrome, or Safari, instead of IE, the authentication works normally or is also blocked with some error message?


    I don't expect to clarify all just in a single round of messages, so, if you would like to offer us more details, that will help us to identify what happens and possibly come up with an implementation (possible to import certificates to be used by Safepay, for example) that will let you use Safepay also in this scenario.


    Regards,


    Cristian Amarie


    Lead developer, Bitdefender Safepay

  • Can you tell me which is the bank domain? My first idea is that the certificate used by the bank to authorize access is not seen by Safepay.


    I don't know an all-purpose mechanism used by banks for certificate authentication, but I suppose this is happening:


    - the certiifcate is generated by the bank for a specific browser and possibly also operating system (say Windows version x and Internet Explorer, for example), and can be used only by the browser used to generate the certificate


    - the certificate is then downloaded on the computer intended to use


    - the certificate is stored in a location either not seen by Safepay, or not used (is not intended to be used by other browser)


    I know is a little bit too much information here, perhaps, but can you let me know more details about this? For example, if you use Firefox, Chrome, or Safari, instead of IE, the authentication works normally or is also blocked with some error message?


    I don't expect to clarify all just in a single round of messages, so, if you would like to offer us more details, that will help us to identify what happens and possibly come up with an implementation (possible to import certificates to be used by Safepay, for example) that will let you use Safepay also in this scenario.


    Regards,


    Cristian Amarie


    Lead developer, Bitdefender Safepay


    Hi everybody


    I'm replying because I have very similar problem.


    OS W7


    browser IE10, Firefox18, Chrome25


    Signing in my bank account has two steps. First it asks me to enter the digital certificate password. This step runs in separate window.


    In the second step I'm asked for the username.


    I supose the problem is in the separate popup window which reqire the certificate password. I can't force any browswer to remember the password because several users have acces to banking on this computer. Each one has it's own certificate.


    I would appreciate very much if I would be able to acces to my bank using safepay.


    Best regards


    FE

  • Georgia
    Georgia ✭✭✭

    Hi FE and welcome to the Bitdefender forums!


    Could you please tell us the bank domain?

  • Hi FE and welcome to the Bitdefender forums!


    Could you please tell us the bank domain?


    Domain of the bank is www.nlb.si


    It redirects to the https://klik.nlb.si


    I hope this is the data you need to know.


    Best regards


    FE

  • camarie
    camarie Principal Software Developer BD Staff
    Domain of the bank is www.nlb.si


    It redirects to the https://klik.nlb.si


    I hope this is the data you need to know.


    Best regards


    FE


    An issue has been created for investigate this. I hope it is something that can be solved - I know there are cases when a bank gives the customer a certificate for the browser the customer accessed the bank website - so chances are that a certificate will work from Internet Explorer but not from other browsers.


    We'll get back to you as soon as we have news. (Testing won't be easy since we don't have a certificate from the bank - and chances are we won't get one for testing purposes...)


    Regards,


    Cristian

  • An issue has been created for investigate this. I hope it is something that can be solved - I know there are cases when a bank gives the customer a certificate for the browser the customer accessed the bank website - so chances are that a certificate will work from Internet Explorer but not from other browsers.


    We'll get back to you as soon as we have news. (Testing won't be easy since we don't have a certificate from the bank - and chances are we won't get one for testing purposes...)


    Regards,


    Cristian


    I understand that it won't be easy to cope with a certificate which open a new window to enter a password.


    I'm able to access to my bank site using IE, Firefox or Chrome. In Chrome I'm not able to sign a bank's certificate which are sent


    to me at certain transactions. I'm telling this because it could be helpful to you.


    Best regards


    FE

  • Hi, I realise that it has been a while since that thread was active. I think there is a problem that we have to import our digital certificate into the web browser we use. But I cant find any options in safepay to import any certificate. The whole point of safepay is to use my bank more securelly, so i dont see any reason there shouldnt be an import option. Any help on that would be great.


    The Certificate Authority that issues my certificate is http://postarca.posta.si/ (i hope that helps).


    The public part of the key is also availeble at the same address.

  • camarie
    camarie Principal Software Developer BD Staff
    edited April 2014
    Hi, I realise that it has been a while since that thread was active. I think there is a problem that we have to import our digital certificate into the web browser we use. But I cant find any options in safepay to import any certificate. The whole point of safepay is to use my bank more securelly, so i dont see any reason there shouldnt be an import option. Any help on that would be great.


    The Certificate Authority that issues my certificate is http://postarca.posta.si/ (i hope that helps).


    The public part of the key is also availeble at the same address.


    The implementation is scheduled for the next product version (that is, the 2015 version, which just now hit first beta).


    Regards,


    Cristian

  • The implementation is scheduled for the next product version (that is, the 2015 version, which just now hit first beta).


    Regards,


    Cristian


    Thank you for the reply.