iOS / iPad OS 13

[seanbperiod]

I jumped the gun and updated to the public beta of iOS 13 and have the same settings transferred over for the proxy, but FFRK is not connecting on load - I've also tried removing and adding the profile again.

Any insights?

I get the connection error in game right after "Generating new TLS certificate for: ffrk.denagames.com" comes up in terminal.

[seanbperiod]

Heyo - just wanted to bump this now that iOS 13 is out. Same issue still exists.

[ThauEx]

I don't have any iOS devices nor I'm playing this game anymore. Try to follow the README, if this doesn't help, I cannot help you.

[agrumi]

@ThauEx Not even donating could help troubleshooting this? This is the easiest and cheapest proxy out there.

[ThauEx]

Nope...
I don't have time for this... Are you sure, you are following the README and using the proxy.pac?

[agrumi]

Yes, everything worked fine from iOS 12 to iOS 12.4, but on iOS 13 and 13.1, FFRK gives me the message "We're not able to connect / Please check your network settings and try again." while the terminal is stuck at "Generating new TLS certificate for: ffrk.denagames.com".

[ThauEx]

Have you tried opening https://ffrk.denagames.com in your phone's browser?

[agrumi]

Yes, my phone browser gets 'Not found' as it should be

[seanbperiod]

Yeah I'm wondering what could have changed between iOS 12 and iOS 13 that would make this not work.. Any ideas on where to look, or how to diagnose the issue?

[agrumi]

Any chance we could band aid fix this issue on our own?

On Thu, 10 Oct 2019 at 01:17, bebimbap notifications@github.com wrote:

https://www.zdnet.com/article/apple-deprecates-sha-1-certificates-in-ios-13-and-macos-catalina/ Apple deprecates SHA-1 certificates in iOS 13 and macOS Catalina

i'm guessing this is the issue

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/ThauEx/ffrk-proxy/issues/158?email_source=notifications&email_token=ANJKBYVNENGGICA5GBCJEH3QNZQ7VA5CNFSM4H3DQMQKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEAZX77I#issuecomment-540246013, or unsubscribe https://github.com/notifications/unsubscribe-auth/ANJKBYT3KKCI7BIU6G2MMRTQNZQ7VANCNFSM4H3DQMQA .

[seanbperiod]

At least we've been able to isolate the issue!

I'm hoping @ThauEx has time to look into it or guide us towards a solution. They previously said that they no longer own an iOS device, so if they need help testing, I'm happy to help!

[ThauEx]

Yes, this is something I can look into.

[XApproaches]

Since the newest iOS release a few days ago it isn't working for me

[ThauEx]

https://www.zdnet.com/article/apple-deprecates-sha-1-certificates-in-ios-13-and-macos-catalina/ Apple deprecates SHA-1 certificates in iOS 13 and macOS Catalina

i'm guessing this is the issue

I had a quick look and ffrk-proxy is generating 2048bit sha-256 certificates, which is fine.
I could be related to the minimum requirements for TLS communications, but I can't say for sure...

[agrumi]

Whenever you feel like taking the time to try and fix it is fine, if you have the time. Thank you very much anyways

On Fri, 18 Oct 2019 at 22:09, ThauEx notifications@github.com wrote:

https://www.zdnet.com/article/apple-deprecates-sha-1-certificates-in-ios-13-and-macos-catalina/ Apple deprecates SHA-1 certificates in iOS 13 and macOS Catalina

i'm guessing this is the issue

I had a quick look and ffrk-proxy is generating 2048bit sha-256 certificates, which is fine. I could be related to the minimum requirements for TLS communications, but I can't say for sure...

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/ThauEx/ffrk-proxy/issues/158?email_source=notifications&email_token=ANJKBYXJN5PSZ67XHTX3BKTQPIJXBA5CNFSM4H3DQMQKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEBVYUTI#issuecomment-543918669, or unsubscribe https://github.com/notifications/unsubscribe-auth/ANJKBYQUB5TMLPKJ4C4RNXLQPIJXBANCNFSM4H3DQMQA .

[ThauEx]

I played around with the ios simulator and for whatever reason it marks the certificates as not secure, but the root ca is trusted... Why is iOS so complicated?
I installed the certificate via safari and then installed the "profile" via settings, after that I had to trust the certificate. I will test a bit more the next days, there might be some missing entries in the generated certs

[ThauEx]

I think, I figured it out. It was working when testing it in my iOS simulator and Safari.
JUst replace the content of lib/cert.js with the content of https://raw.githubusercontent.com/ThauEx/ffrk-proxy/master/lib/cert.js and restart the proxy.
I hope it works...

[XApproaches]

Looks like that did the trick - I do networking and domain administration, and programmers always blow my mind. You're a genius, dude.

[seanbperiod]

Working for me on iPadOS 13.1 and continues to work on iOS 12.4!

Thanks again for continuing to work on this :)

I'll leave this issue open for another few days just in case there's a bug to report.

[agrumi]

Working perfectly, you're the best @ThauEx !

[seanbperiod]

Closing now. Thanks again @ThauEx :D