update 1.86 verify signatures

[ZN Anhor 40]

A very easy solution for BI:

Rollback this pointless update and try it again in some days .......

[CabooseMinusOne 7]

Just now, kuplion said:

I love Arma, and I've had thouands of hours of fun and play time out of the series but this is pretty much one of the reasons I stopped hosting servers; I just couldn't be bothered with the update headaches anymore.

Oh don't get me wrong I love the game too. Just like you I am getting tired of Hosting and dealing with sleepless nights of bashing my head off my desk :)

[Wyqer 305]

The signature mismatch is just showing in the vanilla launcher for me.

If you "keep selected and join" it doesn't cause issues while connecting and playing.

In the server browser inside the game all is showing green.

That's at least my personal experience with the signature mismatch issue.

Servers run at verifySignatures=2 btw.

Mods for example on our servers: CBA, ACE, RHS, KP Ranks, Project Opfor, BW Mod, Enhanced Movement, etc.

 

Maybe I'm (or our servers are) just lucky with that

[ZN Anhor 40]

1 minute ago, Wyqer said:

Maybe I'm (or our servers are) just lucky with that

Or running on 1.84 ........ lucky

 

[Wyqer 305]

Client and server run on 1.86. Otherwise my reply would be obviously pointless in the thread.

It's just to encourage people to try, if they may just "give up" in the launcher and don't try to join or get misleaded.

[BMW75i 0]

Same problems with mods nothing works

[oukej 2910]

3 hours ago, ZN Anhor said:

Bullshit! We run CBA and Unsung in the latest versions beside Enhanced Movement, Enhanced Soundscape, Exile and Enhanced Basebuilding on the server.

And ALL mods showed as mismatch!

3 hours ago, beeper said:

Same thing, all the mods give signature mismatch after update (both client and dedicated server was updated).

(RHS, CUP, many more)

The indication in the browser is a separate issue and as by itself it does not prevent you from joining a server - you may try it, players are reporting that apart from the browser indication everything is fine.
But you'll probably bump into another issue - the primary one we're currently dealing with - a failure to connect to a server with verifySignatures=2 that results in a simple "session lost" or "connection failed" message (never a message about wrong keys or signatures).

 

 

2 hours ago, Maaras said:

Now every user who wants to join server must have identical modline like is on server. 
Before this update it worked, because server admins had possibility to put only addon keys on server without changing modline and forcing every clients to had identical modline everytime.

Definitely not an intention. Just having bikeys from the signed addons in your Arma 3 Server/Keys folder should be enough to allow client-side mods. This has been also tested and functional. Rly sorry to hear this :(

 

2 hours ago, killjoe_R3F said:

Don't tell me that we will have to resign all addons .... 

Definitely not, our goal was that the security improvements do not require any immediate changes in the mods. Some issues with v2 were why we delayed the updated, fixed the issues and kindly asked everyone to test the RC with us again.

We are really sorry about all the issues - please trust us, we've been extra careful to make sure by all means available to us that the update runs smoothly with no change to existing mods required.

However there's one thing I believe I need to say about us here trying to improve the multiplayer security of Arma 3. What we're basically doing here is encouraging 99% of our players to modify and change the game while trying to prevent the evil 1% from doing the same.
In such an open and moddable environment as Arma 3 it's not an easy task and it's nearly impossible to thoroughly test mp security related changes on a scale in which they will be deployed after an update. Arma 3 is bigger than us and it couldn't be as big if there wasn't a cooperation with players, server admins, modders and our community.

tl;dr - our goal was to improve the security, give you tools to fight hackers, deny script kiddies from wrecking your fun in your multiplayer sessions, without altering how you were able to mod or customize your game up to this point. Apparently we've failed at some points and we're sorting it out. Please, bear with us.

[HazJ 1289]

So the very thing that made the 1.86 release on hold has actually not been fixed? I am getting kicked with the message "Session lost" and not running any mods.

[Tankbuster 1746]

1 minute ago, HazJ said:

So the very thing that made the 1.86 release on hold has actually not been fixed? I am getting kicked with the message "Session lost" and not running any mods.

And I can join the exact same server with no issues. Very odd.

[oukej 2910]

3 minutes ago, HazJ said:

So the very thing that made the 1.86 release on hold has actually not been fixed? I am getting kicked with the message "Session lost" and not running any mods.

That issue we had before on the Release Candidate branch and which we fixed had been reporting failed signature checks. Common "Session lost" failures only appeared now after an update to the Main branch.

[CabooseMinusOne 7]

We ran all mods in the -mod line, had a few that were -servermod that we switched over to -mod and now our players can connect with Signature checks set at 2. Dont run mods serverside that have keys is the bottomline

 

-mod=@Exile;@LythiumA3;@jbad;@CBA;@CupUnits;@CupWeapons;@CupVehicles;@RHSAFRF;@RHSUSAF;@projectOpfor;@ffaa;@SMA;@NIA;@JSRS;@ESS;@EBM;@TRYK;@Blast;@EM;@Cup_Terrains_core;@VSM;@PED;@AdRap;@AUP      -servermod=@ExileServer;@infiSTAR_Exile;@infiSTAR_TM

[Ry4nD 84]

100% 

verifySignatures    = 2;

 

Is not working, Server shows red in launcher, cannot join. 

So the security update to multiplayer was to make us all run verifySignatures                  = 0; 

[wetnreckless 17]

Well at least I only updated one of my servers so there is that...lol

[ZN Anhor 40]

28 minutes ago, CabooseMinusOne said:

We ran all mods in the -mod line, had a few that were -servermod that we switched over to -mod and now our players can connect with Signature checks set at 2. Dont run mods serverside that have keys is the bottomline

 

-mod=@Exile;@LythiumA3;@jbad;@CBA;@CupUnits;@CupWeapons;@CupVehicles;@RHSAFRF;@RHSUSAF;@projectOpfor;@ffaa;@SMA;@NIA;@JSRS;@ESS;@EBM;@TRYK;@Blast;@EM;@Cup_Terrains_core;@VSM;@PED;@AdRap;@AUP      -servermod=@ExileServer;@infiSTAR_Exile;@infiSTAR_TM

Oh nice ....... what is with A3XAI? Enigma Exile Revive? Advanced Rappeling? Now all players must download this now client side?

This could not be the solution .........

[ZN Anhor 40]

43 minutes ago, oukej said:

That issue we had before on the Release Candidate branch and which we fixed had been reporting failed signature checks. Common "Session lost" failures only appeared now after an update to the Main branch.

WTF is so hard to bring back a working signature check like we had befor????

[oukej 2910]

Just now, ZN Anhor said:

WTF is so hard to bring back a working signature check like we had befor????

It is one of the possibilities.
(FYI - in the old sign. check there were some holes that could've been abused by hackers and which we aimed to shut down by verification layers in 1.86)

[eh chaser 285]

Just now, oukej said:

It is one of the possibilities.
(FYI - in the old sign. check there were some holes that could've been abused by hackers and which we aimed to shut down by verification layers in 1.86)

 

He has only 7 posts, 6 and 7 are just...*can´t say because of forum rules*

it is very annoying, but don´t let your motivation go down because of such a kid.

 

[ZN Anhor 40]

7 minutes ago, oukej said:

abused by hackers and which we aimed to shut down by verification layers in 1.86)

Yes, your work was successful! You've shut down every potential hacker (player) *grin*

I'm proud of you *lol*

 

And by the way chaser ...... I´m 51 years old ;)

And I can promise you that I can not allow myself such mistakes in my job .........

 

[Ry4nD 84]

For now we have just password protected our server, for members only as someone already suggested. Seems to be the best option atm.

[ZN Anhor 40]

1 minute ago, Ry4nD said:

For now we have just password protected our server, for members only as someone already suggested. Seems to be the best option atm.

Same here .......

[eh chaser 285]

9 minutes ago, ZN Anhor said:

Yes, your work was successful! You've shut down every potential hacker (player) *grin*

I'm proud of you *lol*

 

And by the way chaser ...... I´m 51 years old ;)

And I can promise you that I can not allow myself such mistakes in my job .........

 

what would you do sir if an employee comes to you like you did to oukej?
humans are doing mistakes...there is no point to throw stones at someone, no matter how stupid the mistake was. also he apologized for the devs.

[Tankbuster 1746]

22 minutes ago, ZN Anhor said:

 

And by the way chaser ...... I´m 51 years old
 

Why are you behaving like a child, then?

[ZN Anhor 40]

To Chaser and Tankbuster:

 

Nothing hurts a customer more than leaving him alone or in the dark with a problem he has not caused himself!

 

Think about the following:

 

B Company and C Company agree on a meeting at 0600 at the coordinates XYZ

When B Company arrives at the coordinates at exactly 0600, C Company is not there

B Company contacts C Company via radio and asks for the time until the arrival

Answer C Company: Yes, we will come

When?

 

We do not need any apologies, we need solutions or at least a specific time to solve the problem .......

[Moon_chilD 200]

I like it: People getting enraged when Game Developer don't do what is promised, fuck up a launch of a game or don't support the game after a short while. 
But then People also complain when a Game Developer continues to support a game 5 years after the actual release of the game with bringing new (free) content and cares not only about security but also mods. 

Some people have nerves to throw a tantrum here even though BI shows clear signs of understanding our frustration. They are extremely sorry and knowing BI for over 6-7 years now I'm sure they work their butts off to fix this issue as quick as possible. It makes me angry to see how some people can be entitled to come here and produce this level of crap in here. 

If you don't like that BI keeps supporting the game but that they are also just humans that can make errors...then just leave. Nobody needs you. 

Keep up the great work @BI!

 

Edit: By the way, I don't mean that people spew bullshit by reporting an error. That's totally legit. If the critic is constructive and helps the developer fixing the problem there is no problem but as we say in germany: "Der Ton machts" (<- means somewhat along the lines of "It always depends on how you say something!")

[HazJ 1289]

@ZN Anhor - I do not care how old you are so lets just throw that point off the table. Clearly age doesn't matter as you are acting very immature. A game developer made a general statement and said they are looking into it. My question was:

1 hour ago, HazJ said:

So the very thing that made the 1.86 release on hold has actually not been fixed? I am getting kicked with the message "Session lost" and not running any mods.

He replied with:

1 hour ago, oukej said:

That issue we had before on the Release Candidate branch and which we fixed had been reporting failed signature checks. Common "Session lost" failures only appeared now after an update to the Main branch.

A rollback is NOT a solution and may cause further issues. Getting arsy about it here isn't going to do much good either. BI pushed an update, yes it fucked something major up and yes they will fix it. They should of do more testing but as @oukej said, the issue occured after pushing it to main branch. It can be caused by a number of reasons. There is no point directing your pissed off attitude to @oukej or generally to BI as they are already aware and surely working on it.