[SOLVED] '400 - CSRF error' trying login to factorio.com

Posted: Tue Oct 05, 2021 1:31 pm
by Tonton.Sancho
Hi Factorio Team,

Since yesterday I have tried (without any success) to log in to factorio.com, but instead I got a

400 - CSRF error
The CSRF session token is missing.
Please use the Back button in your browser and try again. If problem persists, please contact support@factorio.com.

Using Firefox (v92), the error occurs.
Using Chrome (v94), no error occurs and I'm able to log in.

More information:
I used to run headless Factorio from a Linux VPS server. From there, I use wget / curl to download the headless build (tar.xz URL).
But this does not work for now:
wget (or curl) warns me about an SSL certificate validation expiration problem.
(telling me to use the insecure request option)

Currently, there is a worldwide problem with Letsencrypt Root Certification expiration.

Could this be a related problem?
Does Cloudflare / your server certificate have to be double-checked?

I'm still here if I can bring you more information.

Best regards

Re: '400 - CSRF error' trying login to factorio.com

Posted: Tue Oct 05, 2021 1:56 pm
by Sanqui
Hi, thank you for reporting the issue. I am currently investigating the 400 CSRF error and am unable to reproduce it. Could you please provide me with the following information:

Which operating system are you running?

In Firefox, press CTRL+Shift+I (Inspect element), switch to the Storage tab, on the left, under Cookies, choose https://factorio.com, and tell me if there is a "session" cookie present in the list. (Please do not copy the contents)

Thank you

Re: '400 - CSRF error' trying login to factorio.com

Posted: Tue Oct 05, 2021 2:13 pm
by Tonton.Sancho
Thank you for your consideration.

$ lsb_release -a
No LSB modules are available.
Distributor ID:	Ubuntu
Description:	Ubuntu 20.04.3 LTS
Release:	20.04
Codename:	focal

$ uname -a
Linux <machine name> 5.4.0-88-generic #99-Ubuntu SMP Thu Sep 23 17:29:00 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

Under Cookies:
I have 3 'phpbb3_4hp<...>' key/value pairs.
I have 2 'session' keys with different values.
One 'session' key is for domain: www.factorio.com
The other one (and all phpbb3 related) are for domain: .factorio.com

Re: '400 - CSRF error' trying login to factorio.com

Posted: Tue Oct 05, 2021 2:14 pm
by Tonton.Sancho
Under Local storage, I have two myshopify related key/value pairs.

Re: '400 - CSRF error' trying login to factorio.com

Posted: Tue Oct 05, 2021 3:24 pm
by Sanqui
Tonton.Sancho wrote:
Tue Oct 05, 2021 2:13 pm
Under Cookies:
I have 3 'phpbb3_4hp<...>' key/value pairs.
I have 2 'session' keys with different values.
One 'session' key is for domain: www.factorio.com
The other one (and all phpbb3 related) are for domain: .factorio.com

Thank you. Can you please clear the two session cookies (you can do so by right clicking from the same menu and choosing Delete "session..."), refresh the login page, and attempt to log in again. In other words, clearing your cookies ;). Of course, there is no need to delete the phpBB cookies. Let me know if that helps.

Re: '400 - CSRF error' trying login to factorio.com

Posted: Tue Oct 05, 2021 4:37 pm
by Nidan
Tonton.Sancho wrote:
Tue Oct 05, 2021 1:31 pm
Currently, there is a worldwide problem with Letsencrypt Root Certification expiration.

With the end of September, an intermediate certificate that allowed for widespread acceptance of Let's Encrypt certificates expired. By now clients should have had enough time to update and be aware of Let's Encrypt's own root certificate and thus shouldn't need the intermediate anymore. Update the server you used to run wget/curl. (I ran into this at work today, on an Ubuntu 16.04.)

The CSRF issue seems unrelated.

Re: '400 - CSRF error' trying login to factorio.com

Posted: Tue Oct 05, 2021 8:26 pm
by Tonton.Sancho
Sanqui wrote:
Tue Oct 05, 2021 3:24 pm

Thank you. Can you please clear the two session cookies (you can do so by right clicking from the same menu and choosing Delete "session..."), refresh the login page, and attempt to log in again. In other words, clearing your cookies ;). Of course, there is no need to delete the phpBB cookies. Let me know if that helps.

That was the point; login succeeds now.

Hard to know, from my usage, how could I have prevented this? (the two session key collision)
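
The two-'session'-cookie situation reported in this thread, as an added example that is not part of any post and is not Factorio's code: it applies RFC 6265 domain and path matching to a constructed cookie jar and flags names that would be sent twice to one host. Cookie values, paths, the hostOnly flags, the request path and the second host name are assumptions; the thread does not say how the site's CSRF check handled the repeated name.

```javascript
// Constructed jar shaped like the report: values, paths and hostOnly flags are assumptions.
// hostOnly: true means the cookie was set without a Domain attribute (exact host only).
// Array order stands in for creation order, which decides header order for equal paths.
const jar = [
  { name: "session", domain: "www.factorio.com", hostOnly: true, path: "/", value: "<value-A>" },
  { name: "session", domain: "factorio.com", hostOnly: false, path: "/", value: "<value-B>" },
  { name: "phpbb3_4hp<...>", domain: "factorio.com", hostOnly: false, path: "/", value: "<value-C>" },
];

// RFC 6265 section 5.1.3: exact match, or the host is a subdomain of the cookie domain.
function domainMatches(host, cookie) {
  const h = host.toLowerCase();
  const d = cookie.domain.toLowerCase().replace(/^\./, "");
  return cookie.hostOnly ? h === d : h === d || h.endsWith("." + d);
}

// RFC 6265 section 5.1.4: the cookie path must be a whole-segment prefix of the request path.
function pathMatches(reqPath, cookiePath) {
  if (reqPath === cookiePath) return true;
  if (!reqPath.startsWith(cookiePath)) return false;
  return cookiePath.endsWith("/") || reqPath[cookiePath.length] === "/";
}

function cookiesSentTo(cookies, host, path) {
  return cookies.filter((c) => domainMatches(host, c) && pathMatches(path, c.path));
}

// The header carries no scope information, so the server sees only repeated names.
function cookieHeader(cookies, host, path) {
  return cookiesSentTo(cookies, host, path).map((c) => `${c.name}=${c.value}`).join("; ");
}

// Names that would reach the server more than once, with the scopes to clear.
function ambiguousNames(cookies, host, path) {
  const scopes = new Map();
  for (const c of cookiesSentTo(cookies, host, path)) {
    const scope = (c.hostOnly ? "" : ".") + c.domain;
    scopes.set(c.name, [...(scopes.get(c.name) || []), scope]);
  }
  return [...scopes].filter(([, s]) => s.length > 1).map(([name, s]) => ({ name, scopes: s }));
}

console.log(cookieHeader(jar, "www.factorio.com", "/login"));
console.log(ambiguousNames(jar, "www.factorio.com", "/login"));
```

On the server side, giving each application its own cookie name, or a `__Host-` prefixed name that browsers only accept without a Domain attribute, keeps a parent-domain cookie from sharing a name with a host-only one.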