Post by Amos in cant log in to the itch.io app

Viewing post in cant log in to the itch.io app

↑ View parent post

Amos4 years ago

I’m back with some more information from the Go team, and some more questions:

Are you behind any kind of proxy?
Can you access https://api.itch.io/ with Google Chrome? With Firefox? With curl? (curl https://api.itch.io/ in the command-line). What certificate chain do you see in Google Chrome & Firefox?
Can you install the latest Go from https://golang.org/ and run GODEBUG=x509roots=1 go test -v -run TestSystemRoots crypto/x509 ?

Please respond in as much detail as you can!

Like Reply

Nikki Nyx4 years ago

Ok...

Are you behind any kind of proxy?
No. Here's the screenshot from my System Prefs:

Can you access https://api.itch.io/ with Google Chrome?
No. There's just code on that page for me. Specifically...

{"errors":["invalid api endpoint"]}

What certificate chain do you see in Google Chrome?
>AddTrust External CA Root
>USERTrust RSA Certification Authority
>Sectigo RSA Domain Validation Secure Server CA
>*.itch.io
And it's valid.

Can you access https://api.itch.io/ with Firefox?
I don't have Firefox installed, but trying it in Safari results in the same code as Chrome.

Can you install the latest Go from https://golang.org and run

GODEBUG=x509roots=1 go test -v -run TestSystemRoots crypto/x509

Yes. Here are the results...

=== RUN   TestSystemRoots
crypto/x509: kSecTrustSettingsResultInvalid = 0
crypto/x509: kSecTrustSettingsResultTrustRoot = 1
crypto/x509: kSecTrustSettingsResultTrustAsRoot = 2
crypto/x509: kSecTrustSettingsResultDeny = 3
crypto/x509: kSecTrustSettingsResultUnspecified = 4
crypto/x509: Ipswitch,Inc. returned 4
crypto/x509: Developer ID Certification Authority returned 2
crypto/x509: Equifax Secure Certificate Authority returned 4
crypto/x509: GTE CyberTrust Global Root returned 4
crypto/x509: Thawte Premium Server CA returned 4
crypto/x509: Thawte Server CA returned 4
crypto/x509: Class 3 Public Primary Certification Authority returned 4
crypto/x509: exec ["/usr/bin/security" "trust-settings-export" "-d" "/var/folders/q4/_9w_7lqd3n55t9p_4p0x545c0000gn/T/x509trustpolicy743388804/admin"]: exit status 1, SecTrustSettingsCreateExternalRepresentation: No Trust Settings were found.
crypto/x509: 2 certs have a trust policy
crypto/x509: verify-cert approved CN=Developer ID Certification Authority,OU=Apple Certification Authority,O=Apple Inc.,C=US
crypto/x509: verify-cert rejected CN=Ipswitch\,Inc.,OU=Ipswitch\,Inc.,O=Ipswitch\,Inc.,L=Lexington,ST=MA,C=US: "Cert Verify Result: CSSMERR_TP_NOT_TRUSTED"
crypto/x509: verify-cert approved CN=Developer ID Certification Authority,OU=Apple Certification Authority,O=Apple Inc.,C=US
crypto/x509: ran security verify-cert 3 times
--- PASS: TestSystemRoots (0.25s)
    root_darwin_test.go:35:     cgo sys roots: 77.212901ms
    root_darwin_test.go:36: non-cgo sys roots: 151.194094ms
    root_darwin_test.go:106: expired certificate only present in cgo pool (acceptable): CN=GTE CyberTrust Global Root,OU=GTE CyberTrust Solutions\, Inc.,O=GTE Corporation,C=US
    root_darwin_test.go:114: 1024-bit certificate only present in cgo pool (acceptable): CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA
    root_darwin_test.go:114: 1024-bit certificate only present in cgo pool (acceptable): OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
    root_darwin_test.go:114: 1024-bit certificate only present in cgo pool (acceptable): CN=Thawte Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA
    root_darwin_test.go:106: expired certificate only present in cgo pool (acceptable): OU=Equifax Secure Certificate Authority,O=Equifax,C=US
PASS
ok      crypto/x509    0.263s

I hope this info is helpful!

Like Reply