Webauth errors with 1.48.158 which was working in 1.47.186 and earlier

using the bitwarnden extension to sign in to bitwarden using fido/webauthn (yubikey bio)
has been working fine until today

Brave browser 1.48.158 (says latest) with Bw extension 2023.1.0
(was working fine for past weeks)
tested on old laptop with previous version of Brave and works OK 1.47.186

edge is OK and works fine with webauth

the error displayed is
“not allowed error: webauthn is not supported on site with TLS certificate errors”

has something changed/broken in 1.48.158 ?

Not sure.
Could you please check in a private window?
If that works remove extensions and try again. Also try clearing the cookies.

1 Like

Hi thanks no same issue
works in edge (normal or private)
works in brave 1.47.186 (normal or private)
fails in 1.48.158 (normal or private) - also reinstalled extension (still fails)

1 Like

@Mattches could you please look into this? Thanks so much!

1 Like

p.s it doesnt seem to affect security key/webauth prompts for google/twitter/proton/nextcloud etc these all working fine

only seems to be affecting the bitwarden extension
(i have also posted this on their forums) but the actual issue started with braves update (their extension has not been updated)

1 Like

Can test this, I have Yubikey + Bitwarden. Have 2FA on Gmail, Facebook I can test with. Is that enough?

if you have brave, bitwarden and bitwarden extension, and your bitwarden is setup for your yubikey as webauth 2fa
(you also need the extension set to “Not remember your 2fa” so it prompts each time you login…
the latest version of brave now throws this error

if you have it set to “remember you” the only way i found to clear that is to uninstall/reinstall the extension

this works fine with 1.47.186 and older… but 1.48.158 breaks it (but appears to only break bitwarden extension, other webauth sites appear fine)

appears its not just brave but all chromium and bitwarden are planning a fix on github https://github.com/bitwarden/clients/pull/4695

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.