Hi Guys, it seems like since Unity 2018.2 rolled out its full TLS support and start enforcing the (https://blogs.unity3d.com/2018/07/11/scripting-runtime-improvements-in-unity-2018-2/) many users on Xbox One (we are using the Creators Program not id@xbox) are unable to Login into playfab with the error: "unable to complete ssl connection"
This is our current configuration:
Unity: 2018.2.10f1
PlayFab SDK: 2.58.181218
Xbox One: OS Edition November 2018.
This thread seems to come closets to the root of the problem (https://forum.unity.com/threads/unitywebrequest-unable-to-complete-ssl-connection.566380/).
From what I can gather the problem has to do with the OS root cert store. When i check the playfab endpoint - https://titleid.playfabapi.com/, the playfab cert is issue by Amazon. This is a theory but it is possible that certain Xbox One devices dont have a proper Amazon root CA (the issue is not happening on all Xbox One, I will say 50% of our population are affected by it, including our test xboxes).
In the forum that i referred to earlier, one of the tech guys from Unity suggest bundling your own root ca and overriding how Unity Access the device root ca.
The reason I am posting this issue here (even if it is obvisouly a unity issue since 2018.2.10f1, we didn't have this issue with 2018.1.x) is:
- Are the you guys aware of this issue?
- And will a patch where the PlayFab SDK bundles the Amazon root CA for such scenarios be something that can be implemented on your end.
We are small team, so we don't have the bandwidth to try to implement the whole root certifcate override thing for Unity.
I will keep searching around the net, but our game went live yesterday, and initially we though it was just a local hitch, because we got it working after enabling Fiddler on the Xbox Ones (false postive as by using fiddler the Xbox ends up using fiddlers root cert and PCs certs which are pretty much to trust everything).
Final note: We dont get this issue on the same UWP build that runs on Windows 10 PC, nore our Android builds (atleast not that we are aware of).
Any suggesting will really be appreciated as our half our population can't login :S