UnityGLTF icon indicating copy to clipboard operation
UnityGLTF copied to clipboard

Published 20 hours ago verified publisher icon KhronosGroup

TlsException when loading GLTF From https URI

Open spacecheeserocks opened this issue 5 years ago • 4 comments

Loading a GLTF file from a HTTPS URL fails with TlsException: The authentication or decryption has failed.

It looks like someone has already attempted to fix this issue by adding a Certificate Validation Callback at WebRequestLoader.cs:82 in commit 52d1e09723c68aab9e06a6e13d748b9fa346bde3

But this validation callback is not actually ever invoked.

Some online research seems to suggest that the Mono implementation of HttpClient does not support TLS 1.2, which could be the cause of this issue. https://stackoverflow.com/a/47664746

Tested in Unity 2017.4.23f1 - i would assume that 5.6 would also have this issue.

Some previous version of the WebRequestLoader class used UnityWebRequest and worked fine.

Reproduction Steps

  • Create a UnityGLTF Component, setting the GLTFUri to a gltf file on a HTTPS Server using TLS 1.2
  • Observe the "Loading failed, retrying" warnings until the TlsException is thrown.

spacecheeserocks avatar Mar 22 '19 15:03 spacecheeserocks

My proof that the Certificate Validation Callback is not actually used is probably not flawless, but I used the following steps:

  • Breakpoint WebRequestLoader.cs:30 to ensure the callback is being assigned
  • Breakpoint WebRequestLoader.cs:83 to check if the callback is ever invoked (breakpoint is never hit)
  • Added the following lines into the callback (the error is not fired, the player does not pause)
            UnityEngine.Debug.LogError("Running Cert Validation Callback...");
            UnityEngine.Debug.Break();

spacecheeserocks avatar Mar 22 '19 16:03 spacecheeserocks

Can we get some focus on this? This is a real problem for us!

lostintriangulation avatar May 09 '19 16:05 lostintriangulation

Thanks for reporting this issue. We're happy to accept contributions to fix this issue. If you have a fix, please send us a PR and we'll review it quickly.

AdamMitchell-ms avatar May 20 '19 21:05 AdamMitchell-ms

Just a little update for anyone stumbling across this issue. I don't know which unity version that this changed exactly, but I recently tested this behaviour in 2018.4 and this issue no longer seems to be the case.

Basically, if you're targeting 2018.4 or higher, it seems safe to use HttpClient. If you're targeting lower, you should test if HttpClient works with HTTPS first.

If you still need old unity code, it should be reasonable to replace the HttpClient code with UnityWebRequest, which does support HTTPS.

spacecheeserocks avatar Mar 09 '21 19:03 spacecheeserocks

Please update to the latest version and open a new issue if the problem persists. Thanks!

pfcDorn avatar Feb 09 '24 08:02 pfcDorn