- #Tls versions check install
- #Tls versions check code
- #Tls versions check windows 7
- #Tls versions check windows
The HTTPS client only checks if the certificate chain goes back to some root certificate, which it does, as we just added it. This is needed, as we will be pretending to be the Ubisoft endpoint, when we are in fact not.
#Tls versions check windows
Creating a self-signed certificate for the hostname, installing it as a root certificate on my machine, and another one (with Windows 10) in my network.My workaround "solution", was to spoof their endpoint server, by:
#Tls versions check windows 7
So the conclusion I draw from this, is that Ubisoft should add at least one of the cipher suites supported in Windows 7 to the list of accepted ones for their endpoint server in question. Both sites use TLS 1.2, but Github allows for a larger variety of cipher suites: # TLS 1.2 (suites in server-preferred order) Github will work, but the Ubisoft endpoint won't. This can be tested by using Internet Explorer to access both and the Ubisoft endpoint. None of these seem to be available in Windows 7. The list of supported ones by the Ubisoft endpoint is rather small: # TLS 1.2 (suites in server-preferred order)
#Tls versions check install
And Windows 7 does not allow you to install new ones. The problem was, that does not allow any cipher suites supported by Windows 7. (Win7 does not support TLS 1.3.) The login then works again, as the server handling that, seems unaffected by the issue explained below. I deactivated all of them, (SSL 2.0, SSL 3.0, TLS 1.0, TLS 1.1) with the exception of TLS 1.2. Neither will Ubisoft Connect, you cannot even login anymore. When you set Enable=0 on all HTTPS cryptographic protocols, no HTTPS websites will work in Internet Explorer anymore. Firefox brings its own HTTPS code, so it's not possible to test with it. They can be tested with Internet Explorer. The registry changes in SCHANNEL\Protocols are working fine. I figured it out after all, here is the explanation. I already read through So, how can I configure Windows 7 to use TLS 1.2 only and check whether the setting works properly? So I'm trying to configure my Win7 to use TLS 1.2 only, and not use 1.0/1.1 at all. Since 1.2 seems to be supported by both, that is the version I want Ubisoft Connect to use. It seems the difference is that wallet supports TLS 1.0 & 1.1 but not 1.3 and the channel-service doesn't support 1.0 & 1.1, but does support 1.3. Using SSLLabs, I looked at the supported TLS versions of those websites:
But maybe not, so I would like to be able to check if TLS 1.2 is configured as the only available protocol correctly - I suspect it isn't.)
#Tls versions check code
(HTTP status code is none? Other calls in the logfile work normally, suggesting that there is some fundamental issue with the request itself. The logs suggest that this is related to using the wrong version of TLS, I think.
The underlying issue is that Ubisoft Connect does not work properly.
(Yes, I know that Win7 gets no more patches, nevermind that.) The question is about forcing Win7 to use TLS 1.2 only.
0 kommentar(er)
