I hate that sh*t too. I stopped using the gateway altogether nearly a year ago because of that <font color="orange">HAMSTER</font>. It got absolutely ridiculous to keep dealing with.
The connection to gateway.playneverwinter.com was interrupted while the page was loading.
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
it seemed like the patch you did yesterday fixed it for a few but then went back to having an Invalid Authority Chain. So someone needs to fix that before it'll ever work on our end..
0
buzzardsbaitMember, NW M9 PlaytestPosts: 49Arc User
it seemed like the patch you did yesterday fixed it for a few but then went back to having an Invalid Authority Chain. So someone needs to fix that before it'll ever work on our end..
Wish I was one of those few. It worked right up until firefox updated to version 37.0.1, and not a single time since.
I was able to get to the gateway on my Android handheld using FF 36 as well. But that was prior to the XB launch also. Then "upgraded" to 37 and it's a no-go wherever I go FF 37 fails on both PC and Android. So far I've found:
PC -
FF = fails
IE11 = works*
Chrome = works*
* at least to the login screen, haven't actually logged in.
It seems mostly Android related which may mean it's Mozilla related, hence FF failures on PC. I for one don't take my PC to bed with me to restart professions during the night. Only the Android hand held is acceptable during the night. During the day I'll use the NW Client.
I was able to get to the gateway on my Android handheld using FF 36 as well. But that was prior to the XB launch also. Then "upgraded" to 37 and it's a no-go wherever I go FF 37 fails on both PC and Android. So far I've found:
PC -
FF = fails
IE11 = works*
Chrome = works*
* at least to the login screen, haven't actually logged in.
It seems mostly Android related which may mean it's Mozilla related, hence FF failures on PC. I for one don't take my PC to bed with me to restart professions during the night. Only the Android hand held is acceptable during the night. During the day I'll use the NW Client.
For mobile.. i can login with Chrome but i have to click advanced -> proceed. and fill in my info as chrome won't save it on the current SSL State.
For mobile FF I don't know as I just use chrome.. I love FF .. but android is Google code. so I just leave it be with Chrome.
did you change the
security.tls.version.fallback-limit;1
to that?
worked instantly on desktop FF
Yes, this will work. The issue is: Neverwinter Gateway uses an obsolete and insecure form of encryption, which has been compromised for a very long time and that is a terrible idea to use on any information you want to keep private. It's the difference between locking your safe door so only people with the combination can read your private data, and leaving your safe door wide open with a post-it on the front that says "safe is locked, do not read my private stuff that is stored in here".
Browsers have, until recently, supported this very-broken encryption, because a lot of legacy sites still use it despite it being totally insecure.
Firefox has stopped marking these insecure pages as secure, by refusing to support the broken encryption any longer. This means that Neverwinter's Gateway is no longer available, since the server is set to direct everyone to a "secure" connection and the browser is pointing out that what the server insists on is in no way secure.
Google has said Chrome will stop supporting broken non-encryption soon, but still supports it now. This is why Chrome still works, for now. Expect it to break soon.
The correct solution is for the Neverwinter Gateway to be upgraded so it supports WORKING encryption, with a proper certificate and a non-broken cypher suite.
Yes, this will work. The issue is: Neverwinter Gateway uses an obsolete and insecure form of encryption, which has been compromised for a very long time and that is a terrible idea to use on any information you want to keep private. It's the difference between locking your safe door so only people with the combination can read your private data, and leaving your safe door wide open with a post-it on the front that says "safe is locked, do not read my private stuff that is stored in here".
Browsers have, until recently, supported this very-broken encryption, because a lot of legacy sites still use it despite it being totally insecure.
Firefox has stopped marking these insecure pages as secure, by refusing to support the broken encryption any longer. This means that Neverwinter's Gateway is no longer available, since the server is set to direct everyone to a "secure" connection and the browser is pointing out that what the server insists on is in no way secure.
Google has said Chrome will stop supporting broken non-encryption soon, but still supports it now. This is why Chrome still works, for now. Expect it to break soon.
The correct solution is for the Neverwinter Gateway to be upgraded so it supports WORKING encryption, with a proper certificate and a non-broken cypher suite.
I submitted a ticked with the info I put up above.. hopefully someone will see it and fix.. it's not all that difficult to fix.. depending on their server platform.. my guess is it's just very low on the todem pole.. ;p
A little cleaner solution for firefox 37 is to set security.tls.insecure_fallback_hosts to:
gateway.playneverwinter.com,gatewaytest.playneverwinter.com
This way you alter Firefox for Neverwinter's gateways.
I tried this with FF on my PC and it worked (brought up the login at least). Tried this on the Android handheld and it failed. Usual message. FF 37.0.1 on both systems. Back to the drawing board.
A little cleaner solution for firefox 37 is to set security.tls.insecure_fallback_hosts to:
gateway.playneverwinter.com,gatewaytest.playneverwinter.com
This way you alter Firefox for Neverwinter's gateways.
Thanks, this worked on my desktop.
On my Android, I still get an error and have to bypass security if I want it to "work".
0
katbozejziemiMember, NW M9 PlaytestPosts: 856Arc User
edited April 2015
Does anyone else have messed up graphics in the Gateway? For like 2 months now various graphic elements would display the wrong file (for example swapped item icons in professions).
Our gateway issues have been resolved, however if you're still running version 35 of Mozilla Firefox, you might run into some issues.
How can you fix it? Upgrade to version 36 (and maybe clear your cache for good measure) on PC!
Once you've upgraded to version 36, you should be able to access gateway on PC without any issues.
We are still looking into the issues affecting mobile devices.
Enjoy!
so it doesn't work on version 37 then? because it's updated to the latest which is 37. NOT 36 which is old.
anyone hello??
0
hallowoakMember, Neverwinter Beta UsersPosts: 3Arc User
edited April 2015
This is really sad. I have everything up to date and cleared the chache and haven't been able to log on for almost a week. It really shouldn't be this much of a run around to get into and play a game.
so I guess, if you can't open the three locks on your front door, the door gets replaced with a sliding paper door... nice to know, where do you live?
and btw. it is not FF malfunctioning, but the TLS version that PWE/Cryptic uses on the Gateway site. So until they update the security on that site (TLS version 3) FireFox will block it.
Fortunately there is a workaround, that will work with 37.0.1 and that is to change one variable under about:config.
Set security.tls.version.fallback-limit to 1. But be aware that this lowers your security level for ALL websites, that use TLS in a non-secure version.
I finally said screw it, took the 2 minutes to d/l and install chrome, relabeled it's launcher icon "NWN Gateway" and set the gateway as it's homepage.
The gateway also appears to run more smoothly in the Chrome window than it ever did in FF, but that might just be because I haven't seen it in a week and a half.
The connection to gateway.playneverwinter.com was interrupted while the page was loading.
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
0
torontodaveMember, NW M9 PlaytestPosts: 992Arc User
edited April 2015
anyone using old SSL is vulnerable.
TLS 1.0 has been sploited. This is the reason we can't use Mozilla Firefox. It won't let us use bugged sploited holes. *cough*ahem cryptic*cough*
Your password could be at risk by using chrome/IE .. Unprofessional to allow it to continue. In fact, due to the age of this thread, I'd wager Cryptic would be the ones found liable if any security breach were to occur.
This should be fixed. update TLS (SSL) already.
NW-DSQ39N5SJ - 'To Infinity, and BEYOND!' - Spelljammer Quest. Skyships, Indiana Jones moments NW-DC9R4J5EH - 'The Black Pearl' - Spelljammer! Phlo Riders and Space Orcs
Thanks for all the fish.
So i don't often use gateway but recently figured I'd like to do some adventuring. Only this problem occurs. I'm already using an update to date version of firefox, mines actually version 37, the most up to date, and I'm still getting the error.
I've tried resetting cache, hard refreshing and the other usual suspects without luck.
I'm not overly bothered since I could, if i wanted to, use another browser, but its a bit annoying when someone tells you how to fix something that shouldnt need fixing only for the fix to not work
Comments
Secure Connection Failed
The connection to gateway.playneverwinter.com was interrupted while the page was loading.
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
Recruitment: Neverwinter Online (spotlight)(wiki) - Star Trek Online Federation - Star Trek Online Klingon - Star Trek Online Romulan - Champions Online
Guild FAQs: Neverwinter FAQ - Star Trek FAQ - Champions FAQ ..........Facebook: Mattachine Guild
https://www.ssllabs.com/ssltest/analyze.html?d=gateway.playneverwinter.com
https://www.sslshopper.com/ssl-checker.html#hostname=gateway.playneverwinter.com
it seemed like the patch you did yesterday fixed it for a few but then went back to having an Invalid Authority Chain. So someone needs to fix that before it'll ever work on our end..
Wish I was one of those few. It worked right up until firefox updated to version 37.0.1, and not a single time since.
PC -
FF = fails
IE11 = works*
Chrome = works*
* at least to the login screen, haven't actually logged in.
Android -
FF = fails
Chrome = fails
Dolphin = fails
Stock Android Browser = fails
It seems mostly Android related which may mean it's Mozilla related, hence FF failures on PC. I for one don't take my PC to bed with me to restart professions during the night. Only the Android hand held is acceptable during the night. During the day I'll use the NW Client.
did you change the
security.tls.version.fallback-limit;1
to that?
worked instantly on desktop FF
For mobile.. i can login with Chrome but i have to click advanced -> proceed. and fill in my info as chrome won't save it on the current SSL State.
For mobile FF I don't know as I just use chrome.. I love FF .. but android is Google code. so I just leave it be with Chrome.
Yes, this will work. The issue is: Neverwinter Gateway uses an obsolete and insecure form of encryption, which has been compromised for a very long time and that is a terrible idea to use on any information you want to keep private. It's the difference between locking your safe door so only people with the combination can read your private data, and leaving your safe door wide open with a post-it on the front that says "safe is locked, do not read my private stuff that is stored in here".
Browsers have, until recently, supported this very-broken encryption, because a lot of legacy sites still use it despite it being totally insecure.
Firefox has stopped marking these insecure pages as secure, by refusing to support the broken encryption any longer. This means that Neverwinter's Gateway is no longer available, since the server is set to direct everyone to a "secure" connection and the browser is pointing out that what the server insists on is in no way secure.
Google has said Chrome will stop supporting broken non-encryption soon, but still supports it now. This is why Chrome still works, for now. Expect it to break soon.
The correct solution is for the Neverwinter Gateway to be upgraded so it supports WORKING encryption, with a proper certificate and a non-broken cypher suite.
I submitted a ticked with the info I put up above.. hopefully someone will see it and fix.. it's not all that difficult to fix.. depending on their server platform.. my guess is it's just very low on the todem pole.. ;p
I tried this with FF on my PC and it worked (brought up the login at least). Tried this on the Android handheld and it failed. Usual message. FF 37.0.1 on both systems. Back to the drawing board.
Thanks, this worked on my desktop.
On my Android, I still get an error and have to bypass security if I want it to "work".
so it doesn't work on version 37 then? because it's updated to the latest which is 37. NOT 36 which is old.
anyone hello??
Have you tried http://nw-forum.perfectworld.com/showthread.php?852761-Connecting-to-Neverwinter-Gateway-on-Firefox-on-PC-Use-version-36/page6&p=10430751#post10430751 ?
and btw. it is not FF malfunctioning, but the TLS version that PWE/Cryptic uses on the Gateway site. So until they update the security on that site (TLS version 3) FireFox will block it.
Fortunately there is a workaround, that will work with 37.0.1 and that is to change one variable under about:config.
Set security.tls.version.fallback-limit to 1. But be aware that this lowers your security level for ALL websites, that use TLS in a non-secure version.
The gateway also appears to run more smoothly in the Chrome window than it ever did in FF, but that might just be because I haven't seen it in a week and a half.
The connection to gateway.playneverwinter.com was interrupted while the page was loading.
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
TLS 1.0 has been sploited. This is the reason we can't use Mozilla Firefox. It won't let us use bugged sploited holes. *cough*ahem cryptic*cough*
Your password could be at risk by using chrome/IE .. Unprofessional to allow it to continue. In fact, due to the age of this thread, I'd wager Cryptic would be the ones found liable if any security breach were to occur.
This should be fixed. update TLS (SSL) already.
NW-DC9R4J5EH - 'The Black Pearl' - Spelljammer! Phlo Riders and Space Orcs
Thanks for all the fish.
I've tried resetting cache, hard refreshing and the other usual suspects without luck.
I'm not overly bothered since I could, if i wanted to, use another browser, but its a bit annoying when someone tells you how to fix something that shouldnt need fixing only for the fix to not work