• Products
  • Solutions
  • Made with Unity
  • Learning
  • Support & Services
  • Community
  • Asset Store
  • Get Unity

UNITY ACCOUNT

You need a Unity Account to shop in the Online and Asset Stores, participate in the Unity Community and manage your license portfolio. Login Create account
  • Blog
  • Forums
  • Answers
  • Evangelists
  • User Groups
  • Beta Program
  • Advisory Panel

Navigation

  • Home
  • Products
  • Solutions
  • Made with Unity
  • Learning
  • Support & Services
  • Community
    • Blog
    • Forums
    • Answers
    • Evangelists
    • User Groups
    • Beta Program
    • Advisory Panel

Unity account

You need a Unity Account to shop in the Online and Asset Stores, participate in the Unity Community and manage your license portfolio. Login Create account

Language

  • Chinese
  • Spanish
  • Japanese
  • Korean
  • Portuguese
  • Ask a question
  • Spaces
    • Default
    • Help Room
    • META
    • Moderators
    • Topics
    • Questions
    • Users
    • Badges
  • Home /
avatar image
0
Question by Noah Dyer · Jan 13, 2015 at 06:32 PM · facebookapiwebrequestsslcrossdomain.xml

crossdomain.xml not working with ssl and facebook canvas

My app has a facebook canvas version at apps.facebook.com/fizzpoints.

The unity3d file is hosted at www.fizzpoints.com.

The app makes API calls to development.fizzpoints.com.

My app and API calls work fine on my tests with Android. They also work in the editor when the build settings are set to webplayer, which I understand to be emulating the same security policy as the actual webplayer.

However, in the facebook canvas, they don't work. I get the following error (I have some of this information because I installed the logviewer http://www.dreammakersgroup.com/products-2/unity3d-in-game-logs/).

NotSupportedException: https://development.fizzpoints.com/api/users/adminmessage //same for my other endpoints as well System.Net.WebRequest.GetCreator(System.String prefix) System.Net.WebRequest.Create(System.Uri requestUri) System.Net.WebRequest.Create(System.String requestUriString)

That is one of my endpoints, but it works fine in the editor with webplayer selected, as do all my other endpoints.

I followed the directions in the debugging section of this resource (http://docs.unity3d.com/Manual/SecuritySandbox.html) to see my logs. In the editor, even though the API calls work, I do get an error.

CheckingSecurityForUrl: https://development.fizzpoints.com/api/users/fblogin CheckingSecurityForUrl: https://development.fizzpoints.com/crossdomain.xml ERROR building certificate chain: System.ArgumentException: certificate ---> System.Security.Cryptography.CryptographicException: Unsupported hash algorithm: 1.2.840.113549.1.1.12 at Mono.Security.X509.X509Certificate.VerifySignature (System.Security.Cryptography.RSA rsa) [0x00000] in :0
at Mono.Security.X509.X509Certificate.VerifySignature (System.Security.Cryptography.AsymmetricAlgorithm aa) [0x00000] in :0 at System.Security.Cryptography.X509Certificates.X509Chain.IsSignedWith (System.Security.Cryptography.X509Certificates.X509Certificate2 signed, System.Security.Cryptography.AsymmetricAlgorithm pubkey) [0x00000] in unknown>:0 at System.Security.Cryptography.X509Certificates.X509Chain.Process (Int32 n) [0x00000] in unknown>:0 at System.Security.Cryptography.X509Certificates.X509Chain.ValidateChain (X509ChainStatusFlags flag) [0x00000] in :0 at System.Security.Cryptography.X509Certificates.X509Chain.Build (System.Security.Cryptography.X509Certificates.X509Certificate2 certificate) [0x00000] in unknown>:0 --- End of inner exception stack trace --- at System.Security.Cryptography.X509Certificates.X509Chain.Build (System.Security.Cryptography.X509Certificates.X509Certificate2 certificate) [0x00000] in unknown>:0 at System.Net.ServicePointManager+ChainValidationHelper.ValidateChain (Mono.Security.X509.X509CertificateCollection certs) [0x00000] in unknown>:0 Please, report this problem to the Mono team

According to this resource (http://msdn.microsoft.com/en-us/library/ff635603.aspx), algorithm 1.2.840.113549.1.1.12 is sha384RSA, but my certificate issuer (Comodo) assures me that the only possible algorithm used was SHA256 (presumably algorithm 1.2.840.113549.1.1.11).

Subsequent calls to the same and other endpoints do not result in an error, just the single line:

CheckingSecurityForUrl: https://development.fizzpoints.com/api/users/adminmessage

Additional Info As you may have noticed, I'm making my calls with the HTTPWebRequest class. I'm not using unity's WWW class because I need to be able to change request headers, which, if it is possible, eluded me when I experimented with the class.

My SSL configuration file on my server contains the following 2 lines:

SSLProtocol all -SSLv2

SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW

Are any of those directives causing trouble for Unity?

Comment
Add comment
10 |3000 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

1 Reply

· Add your reply
  • Sort: 
avatar image
1

Answer by jvaughan22 · Jul 08, 2015 at 07:40 AM

I've seen similar certificate problems:

http://forum.unity3d.com/threads/https-x509-certificate-sha-2-signature-problems-on-ios.339163/

Comment
Add comment · Share
10 |3000 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Your answer

Hint: You can notify a user about this post by typing @username

Up to 2 attachments (including images) can be used with a maximum of 524.3 kB each and 1.0 MB total.

Welcome to Unity Answers

The best place to ask and answer questions about development with Unity.

To help users navigate the site we have posted a site navigation guide.

If you are a new user to Unity Answers, check out our FAQ for more information.

Make sure to check out our Knowledge Base for commonly asked Unity questions.

If you are a moderator, see our Moderator Guidelines page.

We are making improvements to UA, see the list of changes.



Follow this Question

Answers Answers and Comments

26 People are following this question.

avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image

Related Questions

FB.Apprequest problem 0 Answers

Facebook for Android SSL Problem 0 Answers

Getting facebook picture 2 Answers

Need to Authenticate users with Google, FB and the like on a UWP project 0 Answers

Unity+Facebook cross domain issue 1 Answer

  • Anonymous
  • Sign in
  • Create
  • Ask a question
  • Spaces
  • Default
  • Help Room
  • META
  • Moderators
  • Explore
  • Topics
  • Questions
  • Users
  • Badges