question

Brieuc avatar image
Brieuc asked

Certificate problem with UE4

Hi,

We are currently working on Unreal Engine 4 and we (of course) are using playfab with it.

But we are now facing a problem, not on all machines, but some machines get this error (and i'm facing this error with my machine) :

[2020.03.23-09.20.02:387][ 12]LogHttp: Warning: 00000260EDD568C0: invalid HTTP response code received. URL: https://1C194.playfabapi.com/Client/LoginWithCustomID?sdk=UE4MKPL-1.30.191218, HTTP code: 0, content length: 0, actual payload size: 0

[2020.03.23-09.20.02:387][ 12]LogHttp: Warning: 00000260EDD568C0: request failed, libcurl error: 60 (Peer certificate cannot be authenticated with given CA certificates)

How can i fix this ?

Cheers

1 comment
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Seth Du avatar image Seth Du ♦ commented ·

What's your UE4 version? Are you using the latest version of PlayFab Marketplace Plugin? It will be appreciated if you can provide a network packets trace, for example, via Fiddler.

0 Likes 0 ·

2 Answers

·
Brieuc avatar image
Brieuc answered

Thanks for the link. I finally found the problem. Looks like in the SSL.build.cs the platform i was using to build the game was not declared. So the flag WITH_SSL was not enable and then we didn't use any certificate.

That's why you didn't find any certificate in the response of the packet.

I added the missing platform in the file and now the problem is solved.

Thanks for your help :)

10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Brieuc avatar image
Brieuc answered

We're using Unreal Engine 4.24.2 and the last Playfab Marketplace plugin.

I never used fiddler (or any software to trace packets) so i'm not sure about what i'll give you.

Please let me know if it's what you would have or if i'm wrong.headers.jpgtextview.jpg

A SSLv3-compatible ClientHello handshake was found. Fiddler extracted the parameters below.


Version: 3.3 (TLS/1.2)
Random: 2D 57 4B FD ED 29 CE D7 39 76 2C 44 3C C9 CA A2 98 C7 C2 EC D5 0D 9A 06 6B 4F EE 1A 54 26 46 CB
"Time": 30/08/2104 22:59:25
SessionID: 5A F1 B5 AB 04 AC 2B 64 7C 6B 03 42 88 72 B5 99 F3 ED 74 42 D4 A9 32 AC 9A 34 53 9B FC 89 AA 4F
Extensions: 
	server_name	1C194.playfabapi.com
	ec_point_formats	uncompressed [0x0], ansiX962_compressed_prime [0x1], ansiX962_compressed_char2 [0x2]
	supported_groups	x25519 [0x1d], secp256r1 [0x17], x448 [0x1e], secp521r1 [0x19], secp384r1 [0x18]
	NextProtocolNego	empty
	ALPN		http/1.1
	encrypt_then_mac (RFC7366)	empty
	extended_master_secret	empty
	signature_algs	ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, ed25519, ed448, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, ecdsa_sha224, ecdsa_sha1, rsa_sha224, rsa_pkcs1_sha1, dsa_sha224, dsa_sha1, dsa_sha256, dsa_sha384, dsa_sha512
	supported_versions	Tls1.3, Tls1.2, Tls1.1
	psk_key_exchange_modes	01 01
	key_share	00 24 00 1D 00 20 85 4E D6 AB 8D 19 7B F8 F3 17 B6 61 42 06 9D C1 C9 E3 56 94 82 7A 98 35 8C C3 60 B4 CF C1 A0 6C
	padding		80 null bytes
Ciphers: 
	[1302]	TLS_AES_256_GCM_SHA384
	[1303]	TLS_CHACHA20_POLY1305_SHA256
	[1301]	TLS_AES_128_GCM_SHA256
	[C02C]	TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
	[C030]	TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	[00A3]	TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
	[009F]	TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
	[CCA9]	TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
	[CCA8]	TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
	[CCAA]	TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
	[C0AF]	TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
	[C0AD]	TLS_ECDHE_ECDSA_WITH_AES_256_CCM
	[C0A3]	TLS_DHE_RSA_WITH_AES_256_CCM_8
	[C09F]	TLS_DHE_RSA_WITH_AES_256_CCM
	[C05D]	TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
	[C061]	TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384
	[C057]	TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384
	[C053]	TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384
	[C024]	TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
	[C028]	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
	[006B]	TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
	[006A]	TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
	[C073]	TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
	[C077]	TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
	[00C4]	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
	[00C3]	TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256
	[C00A]	TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
	[C014]	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
	[0039]	TLS_DHE_RSA_WITH_AES_256_CBC_SHA
	[0038]	TLS_DHE_DSS_WITH_AES_256_CBC_SHA
	[0088]	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
	[0087]	TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA
	[009D]	TLS_RSA_WITH_AES_256_GCM_SHA384
	[C0A1]	TLS_RSA_WITH_AES_256_CCM_8
	[C09D]	TLS_RSA_WITH_AES_256_CCM
	[C051]	TLS_RSA_WITH_ARIA_256_GCM_SHA384
	[003D]	TLS_RSA_WITH_AES_256_CBC_SHA256
	[00C0]	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
	[0035]	TLS_RSA_WITH_AES_256_CBC_SHA
	[0084]	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
	[C02B]	TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
	[C02F]	TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	[00A2]	TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
	[009E]	TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
	[C0AE]	TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
	[C0AC]	TLS_ECDHE_ECDSA_WITH_AES_128_CCM
	[C0A2]	TLS_DHE_RSA_WITH_AES_128_CCM_8
	[C09E]	TLS_DHE_RSA_WITH_AES_128_CCM
	[C05C]	TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
	[C060]	TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256
	[C056]	TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256
	[C052]	TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256
	[C023]	TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
	[C027]	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
	[0067]	TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
	[0040]	TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
	[C072]	TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
	[C076]	TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
	[00BE]	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
	[00BD]	TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256
	[C009]	TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
	[C013]	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
	[0033]	TLS_DHE_RSA_WITH_AES_128_CBC_SHA
	[0032]	TLS_DHE_DSS_WITH_AES_128_CBC_SHA
	[009A]	TLS_DHE_RSA_WITH_SEED_CBC_SHA
	[0099]	TLS_DHE_DSS_WITH_SEED_CBC_SHA
	[0045]	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
	[0044]	TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA
	[009C]	TLS_RSA_WITH_AES_128_GCM_SHA256
	[C0A0]	TLS_RSA_WITH_AES_128_CCM_8
	[C09C]	TLS_RSA_WITH_AES_128_CCM
	[C050]	TLS_RSA_WITH_ARIA_128_GCM_SHA256
	[003C]	TLS_RSA_WITH_AES_128_CBC_SHA256
	[00BA]	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
	[002F]	TLS_RSA_WITH_AES_128_CBC_SHA
	[0096]	TLS_RSA_WITH_SEED_CBC_SHA
	[0041]	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
	[0007]	SSL_RSA_WITH_IDEA_SHA
	[00FF]	TLS_EMPTY_RENEGOTIATION_INFO_SCSV


Compression: 
	[00]	NO_COMPRESSION

headers.jpg (203.9 KiB)
textview.jpg (398.4 KiB)
4 comments
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Seth Du avatar image Seth Du ♦ commented ·

Please save it as a .saz file so that we can look into it. Thanks!

0 Likes 0 ·
annotation-2020-03-25-102434.png (23.1 KiB)
Seth Du avatar image Seth Du ♦ Seth Du ♦ commented ·

Hi, I am not sure if it is the difference on fiddler configuration, but it seems I cannot find certificate information on the response of the packet. Anyway, I found an artical about libcurl 60 error: https://github.com/yabacon/paystack-php/wiki/cURL-error-60:-SSL-certificate-problem:-unable-to-get-local-issuer-certificate-(see-http:--curl.haxx.se-libcurl-c-libcurl-errors.html). Since this issue only occurs on few machines, you may consider it as the local environment issue. Please feel free to tell us if you have any progress after you have follow the instructions in the docuemntation.

0 Likes 0 ·
Brieuc avatar image Brieuc commented ·

trace.zip Here is the save file. Hope you'll find what you want.

0 Likes 0 ·
trace.zip (11.3 KiB)
Seth Du avatar image Seth Du ♦ Brieuc commented ·

Thank you for sharing the file. I will dig into it.

0 Likes 0 ·

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.