• October 7, 2024 at 8:56 am #7181
    Matthew DudleyMatthew Dudley
    Participant

    Hi, Im trying to run the alpha appimage I downloaded yesterday. Im able to run the appimage as an executable and I get the prompt for a license, I signed up, put in my activation key but am stuck with a message that TLS initialization failed. Im using an arch variant of linux. I’ll keep looking on my end. Any help is appreciated.
    grap of prompt showing tls fail

    October 7, 2024 at 1:58 pm #7183
    Frederik ChristianiFrederik
    Keymaster

    My immediate guess is that you’re missing some CA-certificates package or that the one you have is outdated.

    Which output does the following command in a terminal give?
    $ openssl s_client -connect licenses.animationpaper.com:443 -showcerts < /dev/null

    • This reply was modified 2 months, 1 week ago by Frederik.
    October 7, 2024 at 5:57 pm #7185
    Matthew DudleyMatthew Dudley
    Participant

    thanks for this, I’ll paste the output minus certificates below

    Connecting to 89.239.201.204
    CONNECTED(00000003)
    depth=2 C=US, O=Internet Security Research Group, CN=ISRG Root X1
    verify return:1
    depth=1 C=US, O=Let’s Encrypt, CN=E6
    verify return:1
    depth=0 CN=licenses.animationpaper.com
    verify return:1

    Certificate chain
    0 s:CN=licenses.animationpaper.com
    i:C=US, O=Let’s Encrypt, CN=E6
    a:PKEY: id-ecPublicKey, 256 (bit); sigalg: ecdsa-with-SHA384
    v:NotBefore: Sep 23 10:11:47 2024 GMT; NotAfter: Dec 22 10:11:46 2024 GMT
    —–BEGIN CERTIFICATE—–
    ***removed
    —–END CERTIFICATE—–
    1 s:C=US, O=Let’s Encrypt, CN=E6
    i:C=US, O=Internet Security Research Group, CN=ISRG Root X1
    a:PKEY: id-ecPublicKey, 384 (bit); sigalg: RSA-SHA256
    v:NotBefore: Mar 13 00:00:00 2024 GMT; NotAfter: Mar 12 23:59:59 2027 GMT
    —–BEGIN CERTIFICATE—–
    ***removed
    —–END CERTIFICATE—–

    Server certificate
    subject=CN=licenses.animationpaper.com
    issuer=C=US, O=Let’s Encrypt, CN=E6

    No client certificate CA names sent
    Peer signing digest: SHA256
    Peer signature type: ECDSA
    Server Temp Key: X25519, 253 bits

    SSL handshake has read 2398 bytes and written 399 bytes
    Verification: OK

    New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256
    Server public key is 256 bit
    This TLS version forbids renegotiation.
    Compression: NONE
    Expansion: NONE
    No ALPN negotiated
    Early data was not sent
    Verify return code: 0 (ok)


    Post-Handshake New Session Ticket arrived:
    SSL-Session:
    Protocol : TLSv1.3
    Cipher : TLS_AES_128_GCM_SHA256
    Session-ID: 82C10F9DB75900C47FAEDAEC832DF4BB9883C1EF244AED3B73D3A41D5024E4B6
    Session-ID-ctx:
    Resumption PSK: B3D750026526B11F4DBCDA788DD7C21F6860EB63658A4DFCB57623C3A001FA3A
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 604800 (seconds)
    TLS session ticket:
    0000 – 39 15 80 1e 48 37 26 4a-23 0a 2d 00 5f 33 d5 68 9…H7&J#.-._3.h
    0010 – 9e 5f 59 22 f4 b7 30 a8-98 99 dd 71 73 1e 6e 82 ._Y”..0….qs.n.
    0020 – bb 2c ce 3b 20 9d 72 a5-92 8e 25 7b c0 bc e3 7a .,.; .r…%{…z
    0030 – 41 97 04 81 7f 9c f6 87-c7 4d 2e 66 d1 bc 41 11 A……..M.f..A.
    0040 – 3c 8c 76 ed b0 22 05 b7-49 73 82 9f 13 5f 91 f7 <.v..”..Is…_..
    0050 – 53 29 7d a5 59 e9 e3 1b-2f 3f 81 cc 9b e7 71 27 S)}.Y…/?….q’
    0060 – cb a8 53 8d a5 de b2 b9-7b ..S…..{

    Start Time: 1728313028
    Timeout : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
    Max Early Data: 0

    read R BLOCK
    DONE

    October 8, 2024 at 4:58 pm #7187
    Frederik ChristianiFrederik
    Keymaster

    Thanks, that does look correct.
    I wonder if AnimationPaper is loading the openssl libraries at all.
    If you have strace installed, could you try the following:

    $ strace ./Animation_Paper-x86_64.AppImage 2>&1 | grep -E ‘^open(at)?\(.*\crypto.so’

    October 10, 2024 at 6:47 am #7194
    Matthew DudleyMatthew Dudley
    Participant

    Ive installed strace, I tried what you suggested above and I get a syntax error. Ive renamed the file name to match what is in my download folder where I am running this. Strace seems to be working if I run it on the appimage, I get a fire hose of text.

    here is the result Im getting with the syntax error:
    strace ./AnimationPaper.AppImage 2>&1 | grep -E ‘^open(at)?\(.*\crypto.so’
    bash: syntax error near unexpected token `(‘

    thanks for the help and ideas.

    October 10, 2024 at 8:49 am #7198
    Frederik ChristianiFrederik
    Keymaster

    I think the forum has messed with the quotation marks. Let’s hope it works better this time.

    $ strace ./Animation_Paper-x86_64.AppImage 2>&1 | grep -E ‘^open(at)?\(.*\crypto.so’

    Edit: Nope, still the same problem. They should both be a simple single quotation mark.
    Edit2: It seems the one needed is called the typewriter apostrophe (https://en.wikipedia.org/wiki/Apostrophe#ASCII_encoding)

    • This reply was modified 2 months ago by Frederik.
    • This reply was modified 2 months ago by Frederik.
    November 21, 2024 at 6:30 am #7311
    kale yeskale yes
    Participant

    Hi, i am having the same problem as described above, and although i was not able to get the strace command to show any results, i did get these messages showing when i ran the appimage through the terminal and typed in my activation key.

    qt.tlsbackend.ossl: Incompatible version of OpenSSL (built with OpenSSL >= 3.x, runtime version is < 3.x)
    qt.network.ssl: The backend “cert-only” does not support QSslKey
    qt.network.ssl: Active TLS backend does not support key creation
    qt.network.ssl: The backend “cert-only” does not support QSslKey
    qt.network.ssl: Active TLS backend does not support key creation
    qt.network.ssl: The backend “cert-only” does not support QSslKey
    qt.network.ssl: Active TLS backend does not support key creation
    qt.network.ssl: The backend “cert-only” does not support QSslKey
    qt.network.ssl: Active TLS backend does not support key creation
    qt.network.ssl: The backend “cert-only” does not support QSslKey
    qt.network.ssl: Active TLS backend does not support key creation
    qt.network.ssl: The backend “cert-only” does not support QSslKey
    qt.network.ssl: Active TLS backend does not support key creation
    qt.network.ssl: The backend “cert-only” does not support QSslSocket
    qt.network.ssl: The backend named “cert-only” does not support TLS
    qt.network.ssl: QSslSocket::connectToHostEncrypted: TLS initialization failed
    “TLS initialization failed” QNetworkReply::UnknownNetworkError
    “”

    I hope this helps!

    November 21, 2024 at 7:15 am #7312
    Niels Krogh MortensenNiels
    Keymaster

    Very helpful Kale! Thanks! I will show this to Frederik.

    Best,
    Niels

    November 21, 2024 at 7:46 am #7313
    kale yeskale yes
    Participant

    Glad i could help 🙂

    November 21, 2024 at 10:30 am #7315
    Frederik ChristianiFrederik
    Keymaster

    Thanks.
    I believe this has led me to the cause of this problem, and I hope to have a fix for it in the next release.

You must be logged in to reply to this topic.