-
There seems to be an uptick in Political comments in recent months. Those of us who are long time members of the site know that Political and Religious content has been banned for years. Nothing has changed. Please leave all political and religious comments out of the forums.
If you recently joined the forums you were not presented with this restriction in the terms of service. This was due to a conversion error when we went from vBulletin to Xenforo. We have updated our terms of service to reflect these corrections.
Please note any post refering to a politician will be considered political even if it is intended to be humor. Our experience is these topics have a way of dividing the forums and causing deep resentment among members. It is a poison to the community. We appreciate compliance with the rules.
The Staff of SOH
-
Please see the most recent updates in the "Where did the .com name go?" thread. Posts number 16 and 17.
Flight 1 Help
- Thread starter JoeW
- Start date
Well ...... Dave was here about 3 hours, working away.........
He didn't win the battle but he won the war. By that I mean that he/we didn't find what the problem was but it got fixed. It's something in my user setup that stopping it. He made another user and it works fine.
I can't thank Dave enough for doing this. He really put his all into it.
Thanks Dave Again.
He didn't win the battle but he won the war. By that I mean that he/we didn't find what the problem was but it got fixed. It's something in my user setup that stopping it. He made another user and it works fine.
I can't thank Dave enough for doing this. He really put his all into it.
Thanks Dave Again.
Recap on this ............ I recieved a PM from Dave this morning and made the changes below.
The connection now works in the Profile that I was using. One or more of these are the cure.
We/He won the battle and the war.
Open IE8
Go to Tool/Internet Options
Go to the Advanced Tab
At the bottom of the list is a section called Security
Make sure these are checked
Check for Publisher's Certificate revocation
Check for server certificate revocation
Check for signatures on download programs
Enable DOM Storage
Enable Integrated Windows Authentication
Enable memory protection to help mitigate online attacks
Enable native XMLHTTP support
Enable SmartScreen Filter
Use SSL 3.0
Use TLS 1.0
Warn about certificate address mismatch
Warn if POST submittal is redirected to a zone that does not permit posts
My guess is we will find that Use TLS 1.0 is not checked but that is just a guess.
About half of the above were not checked. Including the TLS 1.0.
The connection now works in the Profile that I was using. One or more of these are the cure.
We/He won the battle and the war.
Open IE8
Go to Tool/Internet Options
Go to the Advanced Tab
At the bottom of the list is a section called Security
Make sure these are checked
Check for Publisher's Certificate revocation
Check for server certificate revocation
Check for signatures on download programs
Enable DOM Storage
Enable Integrated Windows Authentication
Enable memory protection to help mitigate online attacks
Enable native XMLHTTP support
Enable SmartScreen Filter
Use SSL 3.0
Use TLS 1.0
Warn about certificate address mismatch
Warn if POST submittal is redirected to a zone that does not permit posts
My guess is we will find that Use TLS 1.0 is not checked but that is just a guess.
About half of the above were not checked. Including the TLS 1.0.
For future reference to those who may need it.
TeaSea almost had the answer but the issue was not a bad certificate but an inability to use TLS certificates. The attached screen shot is of a Wire Shark capture of a successful connection test to the Flight1 server.
View attachment 25875
The first few connections are a hand shake between the software and the Flight1 server.
In item 4 we see that the protocol has changed from TCP to TLSv1. TLS is a Transfer Layer Security it is an extension of SSL encryption. There are a series of exchanges until a success message is sent.
On Joe's PC step number 4 never happens. His PC creates another message to the server that contains [FIN] which ends the session and generates a failure.
Following the normal test procedure and disabling anything that moves did not fix the issue. We then moved on to an item by item comparison of his computer and my laptop related to the settings in IE and Firefox. Some of the settings were different and those we changed to how they were set in my laptop. Naturally none of that worked.
Then as we were discussing things Joe mentioned creating a new log on ID. Which is a great idea to isolate if the issue is in his settings.
So we created a new user and with that new user we launched the InstantScenery2.exe and it passed the connection test.
That was an extreme good news because we finally had the problem nailed down it is an inability to in his profile to use TLS encryption.
We extracted Instant Scenery 2 and then installed it from his original profile, fired up FSX and tested with complete success.
At this point the game plan since we know what the problem is and just don't know where the options are housed was to create a post here describing the problem and wait for one of our other members here who knows the answer to respond. Great Idea right?
Well yes but on the drive home I remembered one other place to look for settings that I am not sure how I missed when we were checking settings for IE8.
I sent this PM to Joe later that evening after I got home.
This is the kind of problem that will eat at someone until they absolutely hate Flight1 but it is not their fault or problem. It would be good for customers support to have an understanding of what their program is doing so they could educate the customer on how to fix it. This is one of those easy fixes that is impossibly hare to find.
Dave
TeaSea almost had the answer but the issue was not a bad certificate but an inability to use TLS certificates. The attached screen shot is of a Wire Shark capture of a successful connection test to the Flight1 server.
View attachment 25875
The first few connections are a hand shake between the software and the Flight1 server.
In item 4 we see that the protocol has changed from TCP to TLSv1. TLS is a Transfer Layer Security it is an extension of SSL encryption. There are a series of exchanges until a success message is sent.
On Joe's PC step number 4 never happens. His PC creates another message to the server that contains [FIN] which ends the session and generates a failure.
Following the normal test procedure and disabling anything that moves did not fix the issue. We then moved on to an item by item comparison of his computer and my laptop related to the settings in IE and Firefox. Some of the settings were different and those we changed to how they were set in my laptop. Naturally none of that worked.
Then as we were discussing things Joe mentioned creating a new log on ID. Which is a great idea to isolate if the issue is in his settings.
So we created a new user and with that new user we launched the InstantScenery2.exe and it passed the connection test.
That was an extreme good news because we finally had the problem nailed down it is an inability to in his profile to use TLS encryption.
We extracted Instant Scenery 2 and then installed it from his original profile, fired up FSX and tested with complete success.
At this point the game plan since we know what the problem is and just don't know where the options are housed was to create a post here describing the problem and wait for one of our other members here who knows the answer to respond. Great Idea right?
Well yes but on the drive home I remembered one other place to look for settings that I am not sure how I missed when we were checking settings for IE8.
I sent this PM to Joe later that evening after I got home.
These last settings of course are where the problem was hiding the whole time.
This is the kind of problem that will eat at someone until they absolutely hate Flight1 but it is not their fault or problem. It would be good for customers support to have an understanding of what their program is doing so they could educate the customer on how to fix it. This is one of those easy fixes that is impossibly hare to find.
Dave
TeaSea
SOH-CM-2014
Good work Dave! Do I get partial credit?
That's actually something else I should have suggested. With the new install he would go back to Default IE settings, and TLSv1 is not normally enabled. I should have remembered the problems with that since I ran across it initially at my job site when we made some changes to our baseline image.
I'm assuming the site log on uses a more basic type of authentication and certs since he was able to log on (that threw me) and authenticate to the vendor site.
Nice of you to run down and see Joe. Maybe we can fly over sometime.
That's actually something else I should have suggested. With the new install he would go back to Default IE settings, and TLSv1 is not normally enabled. I should have remembered the problems with that since I ran across it initially at my job site when we made some changes to our baseline image.
I'm assuming the site log on uses a more basic type of authentication and certs since he was able to log on (that threw me) and authenticate to the vendor site.
Nice of you to run down and see Joe. Maybe we can fly over sometime.
Joe should have the ticket still open and I would be including a link to the thread in the reason for closing the ticket.
Read my post again TeaSea you got first billing
Let me know the next time you are going over and I will meet the two of you there.
Read my post again TeaSea you got first billing
Let me know the next time you are going over and I will meet the two of you there.
I sent the results of this to Flight 1 this morning along with a copy of the PM from Dave. I hope it will save someone the same hairpulling I went through.
This is another case of the restore from a backup biting you in the butt. In most cases it helps but to restore some of the bad also happens.
This is another case of the restore from a backup biting you in the butt. In most cases it helps but to restore some of the bad also happens.
falcon409
SOH-CM-2025
It also shows that whether you use IE8 or not, it can still be a pain in the butt. The whole time I was trying to install and verify from a Flight1 installer and knew I had a good connection, it would not allow me to complete the verification, saying I needed an "Internet Connection". After much cussing and searching, it was IE who was the culprit. It was not set to recognize a connection. Since I don't use IE and wish it could be wiped from the face of the earth, it still sits there and laughs while you try to figure out why something won't work. Grrrr. Glad you and a few of your friends got this figured out Joe.:salute:
