maruk 80 Posted November 26, 2012 (edited) Server admins are welcome to use new more reliable secure player id system. Please place requiredSecureId=1; to your server config to help us testing this system and read http://www.bistudio.com/english/company/developers-blog for more detailed information. Please note that this system is ready for many betas now but only recently all player ids are properly recognized and entire infrastructure running. Edited February 8, 2013 by Dwarden added ; Share this post Link to post Share on other sites
Hud Dorph 22 Posted November 26, 2012 Having set "requiredsecureid=1" When connecting to server im having pretty long "wait for host" then "registration failed: time out was reached" Share this post Link to post Share on other sites
suma 8 Posted November 26, 2012 It seems the server mentioned in the blog did not survive the load and it is already down. I recommend not using requiredsecureid until we check and fix the issue. Share this post Link to post Share on other sites
suma 8 Posted November 27, 2012 It seems the server mentioned in the blog did not survive the load and it is already down. I recommend not using requiredsecureid until we check and fix the issue. I can still see some player id traffic on the server. I have identified an issue causing the timeout, it should be resolved shortly (I will notify you here once it is done). Meanwhile I kindly ask server admins to use requireSecureId=0 until it is fixed to prevent more players failing id validation. Share this post Link to post Share on other sites
maddogx 13 Posted November 27, 2012 I can still see some player id traffic on the server. I have identified an issue causing the timeout, it should be resolved shortly (I will notify you here once it is done). Meanwhile I kindly ask server admins to use requireSecureId=0 until it is fixed to prevent more players failing id validation. This is the kind of situation where Twitter could be useful. :D Share this post Link to post Share on other sites
suma 8 Posted November 27, 2012 The server problem should be fixed. The problem was a badly designed JPQL query, which was about 100x slower than it should be. Brave server admins may want to use requireSecureId=1 again. Share this post Link to post Share on other sites
suma 8 Posted November 28, 2012 I see no secure ids issued since my last post, but I can see some server are using it (and have some players). How does it look from the server side now? Are the players reported to have registration failed or ? Share this post Link to post Share on other sites
Hud Dorph 22 Posted November 28, 2012 I get when connecting to server with: Requiredsecureid=1; Registration Failed: No error Share this post Link to post Share on other sites
suma 8 Posted November 28, 2012 Issue fixed (access rights on the server did not allow access to the service at all, and the failure was badly reported), server should be running OK (and I already see 50 verified IDs issued). Share this post Link to post Share on other sites
eddieck 10 Posted November 28, 2012 Is this intended to replace BE GUIDs in the future? Share this post Link to post Share on other sites
Psychobastard 136 Posted November 28, 2012 I activate this parameter on my event dedi-server for tonight. We had played with round about 50 players. 4 of them aren't able to connect the server. (without any error message on screen or .rpt) I'm got a message at first server connection: "Registration failed: RSS connect error" but all works fine for me. I registered many "lost connections" along the players - more than normal. But no .rpt messages, too. Share this post Link to post Share on other sites
suma 8 Posted November 29, 2012 We are at 3500 secure ids issued with 42 servers running secured ids, no anomalies observed, everything seems to be working fine and smooth. Share this post Link to post Share on other sites
leepfrog 1 Posted November 29, 2012 Suma thanks for the update. I have enabled Mode 1 yesterday on 9 of our servers. Could you please share information where messages of failed verifications would be logged? The Server console output? The RPT file? I'd like to have a look for potential problems/cheaters but I was unable to find any messages related to secure ID yet Share this post Link to post Share on other sites
suma 8 Posted November 29, 2012 Could you please share information where messages of failed verifications would be logged? The Server console output? The RPT file? I'd like to have a look for potential problems/cheaters but I was unable to find any messages related to secure ID yet You would see it in the server console between the connecting and connected messages. If there are no messages about any failures there, it means nobody without a valid certificate has connected to your server. Share this post Link to post Share on other sites
suma 8 Posted December 4, 2012 We are now over 20000 of secured ids, with over 80 servers using the features . A new beta 99700 changes default to requiredSecureId=1, therefore we should see much faster adoption rate soon. We shall see if the server will still handle the load (it should). We also have first ID banned because it was registered by too many distinct players - more of this will most likely come soon as well. Share this post Link to post Share on other sites
marker 1 Posted December 5, 2012 So I should just add the requiredsecureid=1 to my server cfg when I update to the latest beta tonight? Thanks Share this post Link to post Share on other sites
maruk 80 Posted December 5, 2012 So I should just add the requiredsecureid=1 to my server cfg when I update to the latest beta tonight?Thanks Not really needed in the latest beta as this is now the default settings (so no difference if it is there or not, you can use 0 or 2 if you want no or full secure id level). Share this post Link to post Share on other sites
=wfl= sgt bilko 10 Posted December 5, 2012 Will there be an upcoming linux beta shortly. Or is this feature already in current beta? Share this post Link to post Share on other sites
suma 8 Posted December 6, 2012 Will there be an upcoming linux beta shortly. Or is this feature already in current beta? This feature is already present in all 1.62 servers, however before the 99700 it needs to be enabled manually by specifying requiredSecureId=1 in the server.cfg. Share this post Link to post Share on other sites
mmavipc 1 Posted December 15, 2012 Every time I join a server running this, it says my ID is unregistered and there was a SSL connection error. Next beta you might want to make the error message a bit more specific, many things can go wrong during an SSL/TLS handshake Share this post Link to post Share on other sites
leepfrog 1 Posted December 16, 2012 This sounds like either Port 443 outgoing is blocked at your end, or you have some kind of SSL man-in-the middle appliance/attack in your network which presents invalid certificats. Share this post Link to post Share on other sites
suma 8 Posted December 17, 2012 Every time I join a server running this, it says my ID is unregistered and there was a SSL connection error. Next beta you might want to make the error message a bit more specific, many things can go wrong during an SSL/TLS handshake Are you aware if there is perhaps anything special or unusual about the way you access the web (http/protocol)? Does your web browser has any proxy set up for the connection? When you try to access https://is.bistudio.com/BICDKeys in your browser, what do you see? Share this post Link to post Share on other sites
mmavipc 1 Posted December 19, 2012 (edited) Are you aware if there is perhaps anything special or unusual about the way you access the web (http/protocol)? Does your web browser has any proxy set up for the connection? When you try to access https://is.bistudio.com/BICDKeys in your browser, what do you see? Nothing unusual about how I access the web, when I open that link in my web browser it works fine. I'll try ArmA 2 OA Beta in a bit and post a screenshot if it errors again. Screenshot: http://img.ctrlv.in/50d12a7d43ed6.jpg (162 kB) SSL Connect error is very non-descript, even just adding an error code generated by whatever library you're using would make this so much easier to debug. Edited December 19, 2012 by mmavipc Share this post Link to post Share on other sites
suma 8 Posted December 19, 2012 Screenshot:http://img.ctrlv.in/50d12a7d43ed6.jpg (162 kB) SSL Connect error is very non-descript, even just adding an error code generated by whatever library you're using would make this so much easier to debug. Build 100258 should contain extended reports logged into the .rpt file in case of any HTTP errors. Please, try this version and post the rpt section corresponding to the is.bistudio.com connection here or send it directly to me via person message. Share this post Link to post Share on other sites
mmavipc 1 Posted December 20, 2012 Build 100258 should contain extended reports logged into the .rpt file in case of any HTTP errors. Please, try this version and post the rpt section corresponding to the is.bistudio.com connection here or send it directly to me via person message. Build 100258 isn't out yet, but I captured packet with wireshark: https://dl.dropbox.com/u/3925811/ssl.pcap With the SSL private key you should be able to decrypt them, and that encrypted alert at the end. Share this post Link to post Share on other sites
