ufna / VaRest

REST API plugin for Unreal Engine 4 - we love RESTful backends and JSON communications!
https://www.unrealengine.com/marketplace/en-US/product/varest-plugin
MIT License

TLSv1.3 Fatal, Unknown CA #430

Closed drwidgit closed 2 months ago

drwidgit commented 2 months ago

We're using VA Rest in a production product running on UE4.26. In 99.9% of the computers, it works just fine, however on a machine with a stock Windows 10 (or Windows 11) install with all Windows updates, and then adding our software, we have some cases of our license server not responding. When I ran Wireshark on the machine that was failing, I saw that I'm getting a TLSv1.3 protocol "Alert (Level: Fatal, Description: Unknown CA)" message which I'm assuming means that somewhere in the transmission, the wrong client certificate is being sent.

I'm a bit out of my depth on this one so it's entirely possible that it isn't anything to do with your plugin. This works on thousands of different systems, but a tiny number of customers (probably less than 10) have run into this. One of our customers was able to recreate it with a fresh system, and since then we've also been able to recreate this problem on 3 separate systems that have just a stock install of Windows and then our software. Any insight that you might be able to provide would be appreciated! Thanks!

ufna commented 2 months ago

Hi @drwidgit , I'm not so familiar with this, it's definitely an issue of client-server negotiation at the curl level. It sounds like a clean install doesn't have the intermediate certs, or something like that.

drwidgit commented 2 months ago

We eventually solved the issue and it was indeed nothing to do with the plug-in. A fresh install of Windows only includes a small subset of the certificate authorities installed. As I understand it, Microsoft updates this list every couple of weeks through Windows Update, but you're kinda stuck until that happens (even if you do all the Windows updates). The only workaround is to manually install the CA (in our case Go Daddy).

I also understand, though don't have the expertise to confirm, that web browsers ship with their own internal set of CAs, so even though we could contact our authentication server via the browser, it wasn't working through our app until we installed the CA.
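The `unknown_ca` alert seen in the capture is sent by the side that cannot build a trusted chain for the certificate it received; here that is the client (the game, via curl on Windows SChannel) rejecting the server's chain because the root is absent from the machine store, not a wrong client certificate. The script below is an added example for diagnosing and applying the workaround described in this thread; it is not code from the VaRest project or from the issue author. The server name, the root certificate path and the `Go Daddy` subject filter are placeholders/assumptions to replace with your own values.

```powershell
# Added example, not part of the VaRest project or this thread's author's code.
# Diagnoses the "Unknown CA" symptom on a Windows machine and applies the
# workaround from the thread (installing the missing root CA by hand).
# Placeholders: $HostName, $RootCaFile and $IssuerName are illustrative.
param(
    [string]$HostName   = 'license.example.invalid',   # placeholder server name
    [int]   $Port       = 443,
    [string]$RootCaFile = 'C:\certs\root-ca.cer',      # placeholder path to the CA root cert
    [string]$IssuerName = 'Go Daddy'                   # CA named in the thread
)

# Step 1: handshake the way a native client does and capture WHY chain building
# failed. A browser working while the app fails is consistent with the thread:
# some browsers carry their own roots, while SChannel-based code uses the Windows store.
function Test-TlsChain {
    param([string]$TargetHost, [int]$TargetPort)

    $result = @{ Subject = $null; Issuer = $null; PolicyErrors = $null; ChainStatus = @(); Protocol = $null }
    $callback = [System.Net.Security.RemoteCertificateValidationCallback]{
        param($sender, $certificate, $chain, $sslPolicyErrors)
        $result.Subject      = $certificate.Subject
        $result.Issuer       = $certificate.Issuer
        $result.PolicyErrors = $sslPolicyErrors.ToString()
        if ($chain) {
            # e.g. 'UntrustedRoot' or 'PartialChain' when the root is not installed
            $result.ChainStatus = @($chain.ChainStatus | ForEach-Object { $_.Status.ToString() })
        }
        # Accepting here only lets the handshake finish so the status can be
        # reported; this function is a diagnostic, never a transport.
        return $true
    }

    $client = [System.Net.Sockets.TcpClient]::new($TargetHost, $TargetPort)
    try {
        $ssl = [System.Net.Security.SslStream]::new($client.GetStream(), $false, $callback)
        $ssl.AuthenticateAsClient($TargetHost)
        $result.Protocol = $ssl.SslProtocol.ToString()
        $ssl.Dispose()
    } finally {
        $client.Dispose()
    }
    return [pscustomobject]$result
}

# Step 2: is the root the server chains to present in the machine-wide store?
function Find-RootInStore {
    param([string]$SubjectPattern)
    Get-ChildItem Cert:\LocalMachine\Root |
        Where-Object { $_.Subject -like "*$SubjectPattern*" } |
        Select-Object Subject, Thumbprint, NotAfter
}

# Step 3: the workaround from the thread. Needs an elevated prompt, and the .cer
# must come from the CA's own published root bundle, never from the failing
# connection itself.
function Install-RootCa {
    param([string]$Path)
    Import-Certificate -FilePath $Path -CertStoreLocation Cert:\LocalMachine\Root
}

$diag = Test-TlsChain -TargetHost $HostName -TargetPort $Port
$diag | Format-List

$rootMissing = ($diag.ChainStatus -contains 'UntrustedRoot') -or ($diag.ChainStatus -contains 'PartialChain')
if ($rootMissing) {
    Write-Host "Chain issued by '$($diag.Issuer)' does not end in a trusted root on this machine."
    $inStore = Find-RootInStore -SubjectPattern $IssuerName
    if (-not $inStore) {
        Write-Host "No '$IssuerName' root in Cert:\LocalMachine\Root; run Install-RootCa -Path $RootCaFile from an admin prompt."
    } else {
        $inStore | Format-Table -AutoSize
    }
} else {
    Write-Host "Chain validated over $($diag.Protocol); the failure is not a missing root here."
}
```

One caveat worth checking before installing anything: Windows normally fetches a missing root on demand from the Automatic Root Certificates Update service the first time a chain needs it, so a fresh install that stays broken usually means that mechanism is blocked (group policy, or no reachable path to Windows Update). `certutil -verify -urlfetch <leaf.cer>` shows whether that on-demand fetch succeeds. Installing the root manually into `Cert:\LocalMachine\Root` is the same workaround the thread describes, but only the CA's own published root should ever be placed there.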

ufna commented 2 months ago

Thanks @drwidgit , it sounds very legit!