nice job man. this works now i can do my ad farming. Do you know if the previous disconects from the gateway were because of this setting?
The recent ... ehm .. instability ... (last week Monday until, .. yesterday? Friday?) could not have been due to this setting on your browser. Everybody had it (not just the users of a recent version of FF)... _I_ had it (using Chrome _and_ FF).
It does have some cross-over with people having the TLS 1.0 issue though, so not everybody reporting there was actually complaining about _that_ issue but _this_ issue.
Furthermore, if FF is your default browser, be aware that this change also affects IE, Safari and any other browser you may have installed simultaneously. If you use different browsers for testing purposes, you may wish to (temporarily) undo this change before you start testing.
I really doubt your latter statement. This is because the about:config page is taking and storing settings from a file 'prefs.js' in your Mozilla Firefox Profile directory on disk.
It starts with
"# Mozilla User Preferences
/* Do not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
*/"
I am quite sure that neither Chrome, or IE, is looking at that file. And I am moderately sure Safari isn't.
kieranmtornMember, NW M9 PlaytestPosts: 382Arc User
edited April 2015
A little cleaner solution for firefox 37 is to set security.tls.insecure_fallback_hosts to:
gateway.playneverwinter.com,gatewaytest.playneverwinter.com
This way you alter Firefox for Neverwinter's gateways.
I'm 100% sure that no browser looks at that config file. But the change does more than change a config file it seems. How else do you explain that any installed browser and not just chrome can access the gateway after this change all of a sudden? And this is in a locked down virtual environment where no other change was made.
I can't verify this: I don't have Safari and IE has always kept working for me.
l was able to use the gateway for almost one hour this morning. Now at noon all l get is the error message that we all can see since a few months. Needless to say, my comp and connection and browser and all has not changed in the meantime.
The issue is definitely 100% on Cryptic's side.
and it doesn't matter what version you use, gateway is borked.... again. At least you guys fixed it for a couple days, perhaps after the mod launch you can finally resolve the problem?
The website may try to fallback to TLS 1.0 in a way that is no longer allowed in current releases. It also uses a weak cipher suite that is not considered safe.
Connection Encrypted (TLS_RSA_WITH_AES_128_CBC_SHA, 128 bit keys, TLS 1.0)
You can open the about:config page via the location/address bar and use its search bar to locate this pref:
security.tls.insecure_fallback_hosts
You can double-click the line to modify the pref and add the domain to this pref. If there are already websites (domains) in this list then add a comma and the new domain (no spaces). You should only see domains separated by a comma in the value column.
Each day when I go to log in to the gateway, I have to go to my email for a one time code to save my browser. (yes, the box to save my browser is checked)
Im on a Win 8.1 machine with IE v11.09600
Latest Firefix does it too.
I hate that sh*t too. I stopped using the gateway altogether nearly a year ago because of that <font color="orange">HAMSTER</font>. It got absolutely ridiculous to keep dealing with.
The connection to gateway.playneverwinter.com was interrupted while the page was loading.
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
it seemed like the patch you did yesterday fixed it for a few but then went back to having an Invalid Authority Chain. So someone needs to fix that before it'll ever work on our end..
0
buzzardsbaitMember, NW M9 PlaytestPosts: 49Arc User
it seemed like the patch you did yesterday fixed it for a few but then went back to having an Invalid Authority Chain. So someone needs to fix that before it'll ever work on our end..
Wish I was one of those few. It worked right up until firefox updated to version 37.0.1, and not a single time since.
I was able to get to the gateway on my Android handheld using FF 36 as well. But that was prior to the XB launch also. Then "upgraded" to 37 and it's a no-go wherever I go FF 37 fails on both PC and Android. So far I've found:
PC -
FF = fails
IE11 = works*
Chrome = works*
* at least to the login screen, haven't actually logged in.
It seems mostly Android related which may mean it's Mozilla related, hence FF failures on PC. I for one don't take my PC to bed with me to restart professions during the night. Only the Android hand held is acceptable during the night. During the day I'll use the NW Client.
I was able to get to the gateway on my Android handheld using FF 36 as well. But that was prior to the XB launch also. Then "upgraded" to 37 and it's a no-go wherever I go FF 37 fails on both PC and Android. So far I've found:
PC -
FF = fails
IE11 = works*
Chrome = works*
* at least to the login screen, haven't actually logged in.
It seems mostly Android related which may mean it's Mozilla related, hence FF failures on PC. I for one don't take my PC to bed with me to restart professions during the night. Only the Android hand held is acceptable during the night. During the day I'll use the NW Client.
For mobile.. i can login with Chrome but i have to click advanced -> proceed. and fill in my info as chrome won't save it on the current SSL State.
For mobile FF I don't know as I just use chrome.. I love FF .. but android is Google code. so I just leave it be with Chrome.
did you change the
security.tls.version.fallback-limit;1
to that?
worked instantly on desktop FF
Yes, this will work. The issue is: Neverwinter Gateway uses an obsolete and insecure form of encryption, which has been compromised for a very long time and that is a terrible idea to use on any information you want to keep private. It's the difference between locking your safe door so only people with the combination can read your private data, and leaving your safe door wide open with a post-it on the front that says "safe is locked, do not read my private stuff that is stored in here".
Browsers have, until recently, supported this very-broken encryption, because a lot of legacy sites still use it despite it being totally insecure.
Firefox has stopped marking these insecure pages as secure, by refusing to support the broken encryption any longer. This means that Neverwinter's Gateway is no longer available, since the server is set to direct everyone to a "secure" connection and the browser is pointing out that what the server insists on is in no way secure.
Google has said Chrome will stop supporting broken non-encryption soon, but still supports it now. This is why Chrome still works, for now. Expect it to break soon.
The correct solution is for the Neverwinter Gateway to be upgraded so it supports WORKING encryption, with a proper certificate and a non-broken cypher suite.
Yes, this will work. The issue is: Neverwinter Gateway uses an obsolete and insecure form of encryption, which has been compromised for a very long time and that is a terrible idea to use on any information you want to keep private. It's the difference between locking your safe door so only people with the combination can read your private data, and leaving your safe door wide open with a post-it on the front that says "safe is locked, do not read my private stuff that is stored in here".
Browsers have, until recently, supported this very-broken encryption, because a lot of legacy sites still use it despite it being totally insecure.
Firefox has stopped marking these insecure pages as secure, by refusing to support the broken encryption any longer. This means that Neverwinter's Gateway is no longer available, since the server is set to direct everyone to a "secure" connection and the browser is pointing out that what the server insists on is in no way secure.
Google has said Chrome will stop supporting broken non-encryption soon, but still supports it now. This is why Chrome still works, for now. Expect it to break soon.
The correct solution is for the Neverwinter Gateway to be upgraded so it supports WORKING encryption, with a proper certificate and a non-broken cypher suite.
I submitted a ticked with the info I put up above.. hopefully someone will see it and fix.. it's not all that difficult to fix.. depending on their server platform.. my guess is it's just very low on the todem pole.. ;p
A little cleaner solution for firefox 37 is to set security.tls.insecure_fallback_hosts to:
gateway.playneverwinter.com,gatewaytest.playneverwinter.com
This way you alter Firefox for Neverwinter's gateways.
I tried this with FF on my PC and it worked (brought up the login at least). Tried this on the Android handheld and it failed. Usual message. FF 37.0.1 on both systems. Back to the drawing board.
A little cleaner solution for firefox 37 is to set security.tls.insecure_fallback_hosts to:
gateway.playneverwinter.com,gatewaytest.playneverwinter.com
This way you alter Firefox for Neverwinter's gateways.
Thanks, this worked on my desktop.
On my Android, I still get an error and have to bypass security if I want it to "work".
0
katbozejziemiMember, NW M9 PlaytestPosts: 856Arc User
edited April 2015
Does anyone else have messed up graphics in the Gateway? For like 2 months now various graphic elements would display the wrong file (for example swapped item icons in professions).
Comments
The recent ... ehm .. instability ... (last week Monday until, .. yesterday? Friday?) could not have been due to this setting on your browser. Everybody had it (not just the users of a recent version of FF)... _I_ had it (using Chrome _and_ FF).
There's an entire thread about that one: http://nw-forum.perfectworld.com/showthread.php?642791-Neverwinter-Gateway-down
It does have some cross-over with people having the TLS 1.0 issue though, so not everybody reporting there was actually complaining about _that_ issue but _this_ issue.
I really doubt your latter statement. This is because the about:config page is taking and storing settings from a file 'prefs.js' in your Mozilla Firefox Profile directory on disk.
It starts with
"# Mozilla User Preferences
/* Do not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
*/"
I am quite sure that neither Chrome, or IE, is looking at that file. And I am moderately sure Safari isn't.
gateway.playneverwinter.com,gatewaytest.playneverwinter.com
This way you alter Firefox for Neverwinter's gateways.
I can't verify this: I don't have Safari and IE has always kept working for me.
The issue is definitely 100% on Cryptic's side.
Thanks
Narn
Connection Encrypted (TLS_RSA_WITH_AES_128_CBC_SHA, 128 bit keys, TLS 1.0)
You can open the about:config page via the location/address bar and use its search bar to locate this pref:
security.tls.insecure_fallback_hosts
You can double-click the line to modify the pref and add the domain to this pref. If there are already websites (domains) in this list then add a comma and the new domain (no spaces). You should only see domains separated by a comma in the value column.
narn
Im on a Win 8.1 machine with IE v11.09600
Latest Firefix does it too.
Secure Connection Failed
The connection to gateway.playneverwinter.com was interrupted while the page was loading.
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
Recruitment: Neverwinter Online (spotlight)(wiki) - Star Trek Online Federation - Star Trek Online Klingon - Star Trek Online Romulan - Champions Online
Guild FAQs: Neverwinter FAQ - Star Trek FAQ - Champions FAQ ..........Facebook: Mattachine Guild
https://www.ssllabs.com/ssltest/analyze.html?d=gateway.playneverwinter.com
https://www.sslshopper.com/ssl-checker.html#hostname=gateway.playneverwinter.com
it seemed like the patch you did yesterday fixed it for a few but then went back to having an Invalid Authority Chain. So someone needs to fix that before it'll ever work on our end..
Wish I was one of those few. It worked right up until firefox updated to version 37.0.1, and not a single time since.
PC -
FF = fails
IE11 = works*
Chrome = works*
* at least to the login screen, haven't actually logged in.
Android -
FF = fails
Chrome = fails
Dolphin = fails
Stock Android Browser = fails
It seems mostly Android related which may mean it's Mozilla related, hence FF failures on PC. I for one don't take my PC to bed with me to restart professions during the night. Only the Android hand held is acceptable during the night. During the day I'll use the NW Client.
did you change the
security.tls.version.fallback-limit;1
to that?
worked instantly on desktop FF
For mobile.. i can login with Chrome but i have to click advanced -> proceed. and fill in my info as chrome won't save it on the current SSL State.
For mobile FF I don't know as I just use chrome.. I love FF .. but android is Google code. so I just leave it be with Chrome.
Yes, this will work. The issue is: Neverwinter Gateway uses an obsolete and insecure form of encryption, which has been compromised for a very long time and that is a terrible idea to use on any information you want to keep private. It's the difference between locking your safe door so only people with the combination can read your private data, and leaving your safe door wide open with a post-it on the front that says "safe is locked, do not read my private stuff that is stored in here".
Browsers have, until recently, supported this very-broken encryption, because a lot of legacy sites still use it despite it being totally insecure.
Firefox has stopped marking these insecure pages as secure, by refusing to support the broken encryption any longer. This means that Neverwinter's Gateway is no longer available, since the server is set to direct everyone to a "secure" connection and the browser is pointing out that what the server insists on is in no way secure.
Google has said Chrome will stop supporting broken non-encryption soon, but still supports it now. This is why Chrome still works, for now. Expect it to break soon.
The correct solution is for the Neverwinter Gateway to be upgraded so it supports WORKING encryption, with a proper certificate and a non-broken cypher suite.
I submitted a ticked with the info I put up above.. hopefully someone will see it and fix.. it's not all that difficult to fix.. depending on their server platform.. my guess is it's just very low on the todem pole.. ;p
I tried this with FF on my PC and it worked (brought up the login at least). Tried this on the Android handheld and it failed. Usual message. FF 37.0.1 on both systems. Back to the drawing board.
Thanks, this worked on my desktop.
On my Android, I still get an error and have to bypass security if I want it to "work".