Category Random Stuff       Thread starter PSXHAX       Start date Sep 5, 2016 at 9:04 PM       3,176       16            
Back in July we enabled Secure Sockets Layer (SSL) encryption here on PSXHAX.COM, and while most modern OS's and browsers play nice with it a few older ones still produce handshake failure errors rendering the site inaccessible on those devices.

One such case was reported by @abzii running Windows XP with Chrome 49.0.2623.112 on his desktop PC, who stated he already has SP3 installed which is supposed to allow access to sites with SSLv3 disabled by the browser due to the POODLE Attack.

If anyone is knowledgeable with HTTPS / SSL protocol here, let this test run: https://www.ssllabs.com/ssltest/analyze.html?d=www.psxhax.com&hideResults=on

Click on the results, and you'll see a few issues such as:
Code:
Android 2.3.7   No SNI 2		Server sent fatal alert: internal_error
IE 6 / XP   No FS 1      No SNI 2        Server sent fatal alert: handshake_failure
IE 8 / XP   No FS 1      No SNI 2        Server sent fatal alert: internal_error
Java 6u45   No SNI 2		Server sent fatal alert: internal_error
OpenSSL 0.9.8y 	Server sent fatal alert: handshake_failure
Comparing our cert to (for example) Xenforo's I notice the following difference only:
Rich (BB code):
Xenforo: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 128 bit keys, TLS 1.2
PSXHAX: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 128 bit keys, TLS 1.2
According to @abzii he can access Xenforo's site fine via PC, but has to access PSXHAX.COM from his mobile device.

Needless to say we'd like to get the SSL / HTTPS issue fixed for all browsers if possible... feel free to share any ideas, thoughts, suggestions, etc below or via the Contact Us page and we'll be happy to send a PayPal donation to whoever can sort it out for us. ;)
LOLCat HTTPS.jpg
 

Comments

PSXHAX

Staff Member
Moderator
Contributor
Verified
I would have if it was a Xenforo-specific issue but its probably something with the way our SSL cert is configured, the type of cert, etc.. we just used Xenforo's site as an example when trying to troubleshoot this awhile back.
 

Wultra

Developer
Senior Member
Contributor
I would have if it was a Xenforo-specific issue but its probably something with the way our SSL cert is configured, the type of cert, etc.. we just used Xenforo's site as an example when trying to troubleshoot this awhile back.


He will need to upgrade to windows vista or higher as the certificate you installed is using HTTP2.0 not 1.0 that XP uses.. thats why he getting errors and problems

But here a link for fix on http1.0

https://support.microsoft.com/en-us/kb/314864
 

PSXHAX

Staff Member
Moderator
Contributor
Verified
Thanks @VultraAID! (y) Can you try this fix he suggested @abzii?

In your opinion @VultraAID is our HTTP2.0 certificate OK, or is there a more 'universal' one that supports 1.0 and 2.0 simultaneously or some other type of server-side fix for visitors on older browsers/OS's that won't know about the M$ SSL hotfix?
 

Wultra

Developer
Senior Member
Contributor
Thanks @VultraAID! (y) Can you try this fix he suggested @abzii?

In your opinion @VultraAID is our HTTP2.0 certificate OK, or is there a more 'universal' one that supports 1.0 and 2.0 simultaneously or some other type of server-side fix for visitors on older browsers/OS's that won't know about the M$ SSL hotfix?
Http2.0 was built last year and this year was made faster webpage load and better security and the coding was encrypted..

On the other hand http1.0 yes it will work with any Os but it has a slow page response time and less secure but i would t recommand it..

And the other option is down to his browser if he using internet explorer the really old one that deffently does not support most php formats or http2.0.. He will need to use Chrome or upgrade his pc
 

Agret

Senior Member
Contributor
Verified
VultraAID is not correct. The server supports HTTP/2.0 but that doesn't mean that it is enforced, it will still answer HTTP/1.0 responses. The certificate isn't tied to the level of HTTP support.
 

abzii

Senior Member
Contributor
Ill be dl that hotfix now and will post result soon thanx for the help everyone

Setup has detected that the service pack version of the system installed is newer than the update you are applying to it.

You can only install this update on a computer with no service packs installed
 

PSXHAX

Staff Member
Moderator
Contributor
Verified
Ill be dl that hotfix now and will post result soon thanx for the help everyone

Setup has detected that the service pack version of the system installed is newer than the update you are applying to it.

You can only install this update on a computer with no service packs installed
Thanks for the follow-up @abzii, so at the moment it looks like we're back to square one... he still can't access PSXHAX.COM from his WinXP Chrome PC but he can access other HTTPS sites including Xenforo's forum.

Is there anything else users with older PC's / OS's can try besides upgrading (which may not be an option for everyone due) ? :confused:
 
Recent Articles
CECPS4: PS4 Linux Scripts with Single Keyboard Inputs by Minimurti
When initially released last June we missed doing an article covering it, but for those who fancy using single keyboard inputs to control the PS4 check out the CECPS4 Linux scripts on Github by...
Narcos: Rise of the Cartels Hits PlayStation 4 This Fall, PS4 Trailer Video
Similar to Breaking Bad, another Netflix series I got hooked on is Narcos which focuses on Colombian drug lord Pablo Escobar... and today Sony announced Narcos: Rise of the Cartels is hitting...
PS4 Exploit Host Menu Leeful Host v2 WIP Design Update and Demo
Following the PS4 X-Project Updates, Pure HEN Child Friendly Loader and X-Project GTA V Lotus Menu 1.03 Patch PlayStation 4 homebrew developer @Leeful recently shared on Twitter a work-in-progress...
PlayStation Store Offers September Savings, Up to 70% Off PSN Games
Just in time for fall, Sony's PlayStation Store September Savings sale is underway and offers discounts of up to 70% off select PS4, PS Vita and PS3 games through October 1st at 8 AM Pacific time...
Top