I am building a concept application that logs in my web server (build on ASP Core) with an SSL certificate.
My code is working flawlessly on HTTP requests, but is returning a “Failed to receive data” on the “SendWebRequest” method of the "“UnityWebRequest” class, along with a “isNetworkError” being true.
I would like to know if I am doing something wrong.
Here is my current implementation of the REST calls:
UnityWebRequest request = new UnityWebRequest("https://URL:1111", "POST");
byte[] jsonToSend = new System.Text.UTF8Encoding().GetBytes("{ \"user\": \"administrator\" }");
request.uploadHandler = new UploadHandlerRaw(jsonToSend);
request.downloadHandler = new DownloadHandlerBuffer();
request.SetRequestHeader("Content-Type", "application/json");
request.certificateHandler = new CustomCertificateHandler();
request.useHttpContinue = false;
yield return request.SendWebRequest();
//request.responseCode returns 0
var StatusCode = request.responseCode;
Debug.Log("Return code: " + StatusCode);
//request.isNetworkError returns true
if(request.isNetworkError || request.isHttpError) {
//request.error returns "Failed to receive data"
Debug.LogError(request.error);
}
And here is my implementation of the “CustomCertificateHandler” class:
// I removed the public key for obvious reasons
private static readonly string PUB_KEY = "PUBLIC_KEY";
protected override bool ValidateCertificate(byte[] certificateData) {
//After many failed attempts, I just return true to make sure the problem is not here
return true;
X509Certificate2 certificate = new X509Certificate2(certificateData);
string pk = certificate.GetPublicKeyString();
if(pk.ToLower().Equals(PUB_KEY.ToLower())) {
return true;
}
return false;
}
I am really behind my schedule because of this problem and I will really appreciate any help!
Thanks in advance! <3
Yeah, I bumped into this thread.
The difference is that the error I receive is not “Unable to complete SSL connection”.
I receive no errors on SSL whatsoever. Only the “Failed to receive data” one. Are they related?
That is weirdly dangerous.
I just installed the Charles Proxy to run some tests and and magically the requests started working.
On the past week none of them worked at all.
Should I be concerned?
EDIT:
When running the Charles Proxy, the requests are received
WITHOUT the software, I receive the same error as before
That should’nt be an issue. I do not use any proxy neither firewall on my testing computer.
I will build a windows executable an try to run it on another PC
I just tested on my company PC.
The build without Charles running doesn’t work, and with Charles running, it does work.
I also did some other tests with. Aparently Charles roots all connections somehow (so it can read the packets), and, when you enable the SSL proxying on certain addresses (like mine), it uses an illegitimate certificate to re-sign the packages. (?)
I don’t know if this is directly related to the anothjer thread, but I will share it anyway
I’m not sure if you can do this with Charles, but try observing the traffic without SSL decryption enabled. Does the secure tunnel handshake complete?
You could try using Fiddler as an alternative to Charles, though I suspect the will be the same.
These interception programs act as a proxy in order to observe your web traffic. That means there is an opportunity for the connection protocols to be different as compared to your real server.
One theory: your game may be trying to open a TLS 1 or 1.1 channel. Your ASP Core service may only accept TLS 1.2. Charles, acting as a proxy, may be bypassing that problem by negotiating a TLS 1 connection with your client and a TLS 1.2 connection with your service and shuttling the messages across.
Check your supported protocols in your game. What is the value of ServicePointManager.SecurityProtocol?
Check your supported protocols on your server.
What OS are you hosting your service on?
Hello @eisenpony !
Yeah, trying Charles without observing SSL traffic indeed shows encrypted data, so, the communication is being made. And it also shows a HTTP 200 response, so my server is working properly.
I have tried every value of the “SecurityProtocolType” with no success.
My server is currenctly accepting TLS 1.0, 1.1 and 1.2 and running on Windows Server 2012 R2
So, with Charles proxy enabled everything works fine to you, but not when Unity calls the server directly?
If that’s the case, could you report a bug with simple project calling your server? That might help us a lot! Those intermittent issue with secure connections is quite a struggle due to difficulties in reproducing the issue, so we’d really appreciate anything that’s more reliable in this area.
Please, post a bug number here so I could put in on a fast track.
Sure I can. Does the project necessarily needs my DNS or can I leave it empty?
Also, what do you recommend for a workaroud? I am close to the project deadline and cannot afford to wait for a fix.
What do you mean by that?
What we need is a project where the issue can be reliably reproduced. So far we can’t and your particular issue is the first occurrence of such, so we need to have a look first before we can recommend a workaround.
Fenrirr, the more accurate the repro is to your production system the better chance you have of seeing the error. The problem could very easily be entangled with your certificate or server technology stack. In the best case, you can reproduce the problem with a simple web service hosted on any platform and a basic unity implementation. However, I suspect the problem will go away as you simplify the repro.
If the problem is related to your certificate, it might be impossible to give Unity a repro without either giving them your certificate or allowing them to use your server (what I think you called your dns). If you include your certificate, you might be giving away private information. If you offer your server, they might need your continued help to access logs etc. It is a trade off you will have to make if your certificate is involved in recreating the problem.
If the problem is related with the server stack, you’ll want to include as many details as possible regarding the version of OS and ASP.NET Core you implemented the service in.
Of course it’s possible the problem is only within Unity but I find it unlikely the Unity engineers would have had so much trouble reproducing internally if that was the case.
As a workaround, I suggest you look into using System.Net.Http.HttpClient. I have found this the simplest way to make REST calls to a webservice.
@Aurimas-Cernius
I have just posted a bug with a project that fully reproduces my problem. It’s a one-script thing. I think the bugt ticket is: 1141642_p7fv52ros56g7fc5
@eisenpony
I do understand the problem may be on something on my side, but since I do not own the server, it will far to impracticable for me to help
Also, thanks for the tip on the “HttpClient”. I’ll give it a shot!
@Fenrirr
Thanks for the sample project. I investigated it a bit and found out that this server immediately requests a TLS handshake renegotiation which we didn’t properly support. That’s curious behavior, but also an interesting case our tests didn’t cover at all so far…
I have a fix in the works and make sure that it will be backported to the 2018LTS version!
Thank you @andreasreich ! Happy to know my sample project worked (or didnt work)!
Is there any way for me to know when the patch is out? Or only checking the changelogs?