HTTPSecureSocket Issue?

I’ve been using Kaju as my version checker for updates and the app in question was last updated 2 years ago. I received a support ticket this week, saying they were “checking for updates” and it keeps coming back with my custom message saying “Unable to check, if this persists contact technical support”, which they did.

Sure enough, I get the same thing. Both Windows and Mac versions. If I debug in Xojo, I see it seems to return a 102 error, remote closes connection. My webserver is something I host, NGINX, and I see no access in the logs, nor an error. It’s like it’s being rejected early on.

Now, if I do a curl test with --http1.0 and also the various TLS/SSL options, I can get the required json file. No rejections.

I know HTTPSecureSocket is depracated and I’ve started working on my upgrades, so will replace the update mechanism.

If I can just get it working for the existing hundreds of copies out there… (It used tooo… lol).

I am pointing at something I need to change with nginx server, but any thoughts? Thanks

Could it be old versions of TLS or even SSL, which would be rejected by most HTTP servers these days, for security reasons.

1 Like

Yeah, I agree. I’m seeing what I can do to at least kick in for a few months, all that site serves is the update json file!

I would have hoped the access issue would be logged!

I’m sorry to say that it might just be too late. The security protocols that are a problem in HTTPSecureSocket have been so at least since Xojo introduced Xojo.Net.HttpSocket and URLConnection which is probably 8 years ago now.

I had a problem with something like this in the past, and it went like this:

  • old version of Xojo socket was not including the host: header, so I added it manually
  • Xojo update fixed that bug so…
  • my HTTP request had two identical host: headers
  • this worked fine for years, until…
  • an Apache web server update decided to reject HTTP requests with duplicate headers
  • as a result, my customer’s software could no longer get version check info
  • it was hard to debug because Apache was rejecting the request before it was logged.

I would try to capture the packets between your software and your server using something like WireShark.

Cracked it.

Well, setup a new server, used OpenLiteSpeed and enabled all protocols. Boom, now it connects and works. I can live with that for a few months! ($3.50/mo with Amazon LightSail).

Thanks for the feedback.