Keepassxc-browser: unhelpful error "Key exchange was not successful." when native messaging host not set up

debug console shows:

Connecting to native messaging host org.keepassxc.keepassxc_browser keepass.js:1003:13
Failed to connect: Unknown error keepass.js:979:13
Error: Could not establish connection. Receiving end does not exist.

so the issue was keepassxc was enabled for chrome but not firefox...

so I guess, change this to... maybe handle this error and give more helpful error message. Perhaps... "KeepassXC is not configured, please set it up in preferences > browser integration and make sure <browser> is checked" or something

Those error messages have been changed few months ago. The problem here is that the same error message is used for several situations, and there's no way to distinguish them.

Independent of whatever the error message stands for, I see the same error message on MacOS with 1.4.5/2.4.2 and Chrome.

It appears to me that this bug is so severe that renders the extension useless, doesn't it?
Was this ever tested? Or "am I holding it wrong"?

Independent of whatever the error message stands for, I see the same error message on MacOS with 1.4.5/2.4.2 and Chrome.

^^ same here.

Stable 2.4.2 release had a problem with linking keepassxc-proxy so the extension is not the only problem here (wrong linking doesn't launch the proxy process at all). The next extension release fixes the rest of reconnect problems. It's recommended to disable it if you encounter any problems. A warning text about it being experimental will be added.

@varjolintu I tried deleting the db in the browser extension, but when I press 'Connect' now nothing happens still.

I tried disabling the proxy setting under 'Advanced' in the 2.4.2 Browser preferences, but that just causes an icon to appear/disappear in the dock every 0.5 sec or so.

Was this all covered by the new release?

KeePassXC - unknown
KeePassXC-Browser - 1.4.5
Operating system: MacIntel
Browser: Chrome/Chromium 74.0.3729.169

@dxdc Without the proxy the connection with KeePassXC is direct. This means KeePassXC must be closed and the browser launches it at connect/reconnect. Make sure auto-reconnect is disabled.

@varjolintu I tried that; it's completely unusable. Keepasxc (proxy application) just keeps relaunching/quitting over and over and over. I had to disable the chrome extension, which wasn't easy with the keepassxc window taking focus every 0.5 sec.

@dxdc This is because of the wrong linking I said earlier. Only workaround for that is to load the previous version (or copy the proxy inside that package to the new one) until an update is uploaded.

@varjolintu great suggestion.

cp /Volumes/KeePassXC/KeePassXC.app/Contents/MacOS/keepassxc-proxy /Applications/KeePassXC.app/Contents/MacOS/keepassxc-proxy

worked perfectly for now.

Another solution is to install libsodium via Homebrew.

brew install libsodium

solved my problems on macOS. Thank you, @varjolintu!

And a third workaround that doesn't need any installing (https://github.com/keepassxreboot/keepassxc/issues/3209#issuecomment-498146146):

install_name_tool -change /usr/local/opt/libsodium/lib/libsodium.23.dylib "@executable_path/../Frameworks/libsodium.23.dylib" /Applications/KeePassXC.app/Contents/MacOS/keepassxc-proxy

Note that using the name tool will invalidate the app signature and prevent use of touchid. It might also impact Auto-Type

I'm experiencing the same problem after I installed the newest version of Keepass (2.4.2). I re-installed the chrome extension, re-downloaded the newest version of Keepass (32 bit to match operating system), made sure the "enable browser integration" setting was on. Also, I went into the "Connected Databases" tab in KeepassXC Browser's settings and noticed that there were no connected databases there. I tried to press the "connect" button but nothing happened.

debug info below:
KeePassXC - 2.4.2
KeePassXC-Browser - 1.4.6
Operating system: Win32
Browser: Chrome/Chromium 74.0.3729.169

I am totally new to coding, how do you implement the third workaround for windows 32 @varjolintu?

Are you using the portable version? If so, see https://github.com/keepassxreboot/keepassxc-browser/issues/456.

@varjolintu I am using portable, but I don't understand where to find the registry key.

@chundychang See https://github.com/keepassxreboot/keepassxc-browser/wiki/Troubleshooting-guide :)

@varjolintu Oh cmon, peoples use portable versions when thay haven't admin privileges.
After upgrade to 2.4.3 i getting error "Key exchange was not successful" in Chrome and Firefox.
Is there any way to fix it without admin privileges (that is needed to edit registry)

@buzzik Registry is needed to be modified to include the location of Native Messaging script file locations for Chrome and Firefox. If you cannot edit the registry, there's little you can do.

@buzzik Btw, have your tried to disable the support for your browser and then re-enable it from the KeePassXC settings?

@buzzik Btw, have your tried to disable the support for your browser and then re-enable it from the KeePassXC settings?

This was the solution for me for now.

Should probably add:
OS - Debian 10
KeePassXC version: 2.4.3 (compiled from source)
Browser version: 1.4.6

Just found the problem maybe on the KeepassXC extension coding or maybe KeepassXC browser.
I have solved this issue by _changing the folder name length(rename to shorter or move it to reduce folder string length)_ for the too long text string will be problem for extension or XC browser to processing it.
I am 100% sure this is a bug in either one.
I am using portable version of XC browser app,
I also suspect it maybe cause by the partition format of USB that will cause the program to interpret the location of binary file.
I have tested this and duplicate the same issue in different machines(Windows 10), but this does not happen in Ubuntu(Linux).

@RexTC Thank you for the info. Need to test that. The folder name is only used in the Native Messaging JSON script and in the registry. It's also possible that Native Messaging doesn't handle long names properly, but at this point it's hard to say.

y

what should I modify after I found "org.keepassxc.keepassxc_browser"

@AustinLiu1988 The path, if it's wrong.

Just for the record... was going nut with this issue since a long time and have just find the time to do some debugging and figure it out... i am using chromium, (ungoogle-chromium) + Linux... but i'll post the solution according to Firefox and other systems as well... this may help some one with a similar issue...

First thing first here is the detailed documentation (reading it is what lead me to the solution...)

• Chromium/Chrome Native Messaging
• Mozilla Native Messaging
• KeepassXC-Browser Troubleshooting Wiki

Also under chromium an easy way to debug is to open chrome://extensions/ select developer mode at the top right then click Inspect views background... under the square of KeepassXC extension... also under details button you may select collect errors...

Before going further the first thing to do is to follow the KeepassXC-Browser Troubleshooting Wiki and update/fix the json manifest file like described there

Then (and here is where my config/mistake got me stucked) the native messaging system have several location where it can be edited and or limited/denied for instance for chromium+linux a manifest json policy under /etc/chromium/policies/managed/manifest.json that contains "NativeMessagingUserLevelHosts": false, will completely block the system and will result in giving Key exchange was not successful error in that case just change the value to true or just remove that line and voila :)

The liked documentations describe different locations for the different policies, different browsers and os.

I'll probably update the wiki to provide a full troubleshooting of the native message system, sometime for some advanced setup, the manifest under the user location is not enough (like my case)

Also during the debugging you may keep the task manager open to see if the browser run keepassxc-proxy binary... also the feature need to be enabled on the KeepassXC settings.

@intika I had no idea the whole native messaging system can be limited and solved by editing the policies JSON. Is this behaviour specific to Ungoogled Chromium?

@varjolintu no it's not specific to Ungoogled Chromium but to any Chromium based browser, in any OS... i believe Firefox have a similar policy function

Had the same issue on Windows 8.1 but only with portable KeePassXC. Otherwise works fine with desktop version. Portable version has even more issues.

Happens for me on Win10 with FF 74.0 + KeePassXC-Browser 1.6.0 2and KeePassXC 2.5.3. But this is just the current setup. I don't recall with what version the connection started to fail.

As Hrvoje Golčić I am using a portable installation of KeePassX.