Factorio Forums

Posted: **Wed Jan 15, 2025 4:10 pm**

After upgrading to version 2.0.30, Factorio can no longer check updates or mods.
Downgrading to 2.0.28 resolves the issue.
I am using macOS Ventura 15.2.

Posted: **Wed Jan 15, 2025 4:32 pm**

Please provide the log file so we have more details.

Could something be overwriting the `SSL_CERT_FILE` environmental variable? Please try opening the terminal and launching Factorio as follows:

Code: Select all

SSL_CERT_FILE="" /Applications/Factorio/factorio.app/Contents/MacOS/factorio

Posted: **Thu Jan 16, 2025 9:28 am**

Thanks for your advice, please find attached the log file.

Launching Factorio with your suggested command yields the same error.

Code: Select all

10.144 Info HttpSharedState.cpp:55: Downloading https://updater.factorio.com/updater/get-available-versions?username=yghgdzs&token=<private>&apiVersion=2
10.333 Error HttpSharedState.cpp:175: CURL failed: code:60, 3c; SSL: certificate verification failed (result: 5)

I can confirm that SSL_CERT_FILE is not set. Running curl from Terminal lets me connect to https://updater.factorio.com/updater/ge ... e-versions and retrieve the version list without problem.

Posted: **Tue Jan 21, 2025 11:35 pm**

I have the same error.

It appears that it is blocking publishing the game on the game server.

Code: Select all

   0.007 Operating system: macOS 10.13.6

Code: Select all

   6.030 Info ServerRouter.cpp:547: Own address is IP ADDR:({49.176.252.47:34197}) (confirmed by pingpong3)
   6.030 Info ServerRouter.cpp:547: Own address is IP ADDR:({49.176.252.47:34197}) (confirmed by pingpong4)
   6.183 Info ServerRouter.cpp:547: Own address is IP ADDR:({49.176.252.47:34197}) (confirmed by pingpong2)
   6.527 Error HttpSharedState.cpp:175: CURL failed: code:60, 3c; SSL: certificate verification failed (result: 5)
  36.681 Error HttpSharedState.cpp:175: CURL failed: code:60, 3c; SSL: certificate verification failed (result: 5)
  66.719 Error HttpSharedState.cpp:175: CURL failed: code:60, 3c; SSL: certificate verification failed (result: 5)
  96.656 Error HttpSharedState.cpp:175: CURL failed: code:60, 3c; SSL: certificate verification failed (result: 5)
  96.661 Error ServerMultiplayerManager.cpp:743: Matching server connection failed: Error when creating server game: Download failed (status code 520): failed to parse JSON response: Unexpected character (S) at ?:1

Posted: **Thu Jan 23, 2025 11:07 am**

To help troubleshoot, please let me know:

Do you have any curl-related environmental variables? Run in a terminal:

Code: Select all

env | grep -i curl

(We could also check for anything tls or ssl related in the entirety of `env`)

Do you have a `~/.curlrc` file?

---

In the meantime, as a workaround, it is possible to disable TLS verification by editing config.ini and putting the following text in the `[other]` section near the top of the file.

Code: Select all

[other]
disable-tls-verification=true

Then log out and log in again before attempting an update (the setting doesn't get applied otherwise). This comes with the disclaimer that network communications with our servers will become insecure.

Posted: **Thu Jan 23, 2025 3:38 pm**

@sanqui Could you check if there is any change since version 2.0.28? I redownloaded the version and everything is fine. But upgrading again to 2.0.30-2.0.32 results in the ssl error.

I also don't have any env variables for curl and also no cfg file.

Code: Select all

❯ ~
env | grep -i curl

❯ ~
/bin/ls ~/.curlrc
ls: /Users/<username>/.curlrc: No such file or directory

Posted: **Thu Jan 23, 2025 3:44 pm**

2.0.28 enabled TLS verification.

Posted: **Fri Jan 24, 2025 3:30 am**

2.0.28 works fine.

2.0.30 is the one that is failing.

No curl related stuff

Code: Select all

proxy:~% env | grep -i curl
proxy:~% l ~/.curlrc
ls: /Users/peter/.curlrc: No such file or directory

I added:

Code: Select all

[other]
disable-tls-verification=true

And retried 2.0.30. It is still reporting:

Code: Select all

  12.074 Error HttpSharedState.cpp:175: CURL failed: code:60, 3c; SSL: certificate verification failed (result: 5)
  42.035 Error HttpSharedState.cpp:175: CURL failed: code:60, 3c; SSL: certificate verification failed (result: 5)
  72.181 Error HttpSharedState.cpp:175: CURL failed: code:60, 3c; SSL: certificate verification failed (result: 5)
 102.045 Error HttpSharedState.cpp:175: CURL failed: code:60, 3c; SSL: certificate verification failed (result: 5)
 102.052 Error ServerMultiplayerManager.cpp:743: Matching server connection failed: Error when creating server game: Download failed (status code 520): failed to parse JSON response: Unexpected character (S) at ?:1

I have reverted back to 2.0.28.

Any other suggestions?

Posted: **Fri Jan 24, 2025 3:44 am**

My mistake, 2.0.29 or 2.0.30 enabled it. I forget which.

Posted: **Fri Jan 24, 2025 5:43 am**

Can you capture a Wireshark dump of traffic between your Computer and the “updater.factorio.com” endpoint? In particular, the TCP handshake (SYN/ACK); and the following TLS handshake / certificate exchange. There should be some hints in the packet exchange to indicate where the error occurs.

Another thing to investigate: does your network have any sort of “Corporate Firewall”? Such as a Fortigate, Checkpoint, Sophie, Barracuda? It may be that it is trying to “inspect” the TLS traffic, and Factorio is legitimately failing the Verification step.

In professional Applications where I have worked on TLS verification mechanisms, I found it very useful to Log the Certificate details any time that a VerificationFail occurs; especially the Thumbprint, CN=, and Issuer= fields from the certificate.

Posted: **Fri Jan 24, 2025 8:25 am**

eugenekay wrote: Fri Jan 24, 2025 5:43 am Another thing to investigate: does your network have any sort of “Corporate Firewall”? Such as a Fortigate, Checkpoint, Sophie, Barracuda? It may be that it is trying to “inspect” the TLS traffic, and Factorio is legitimately failing the Verification step.

No, there is no corporate firewall.

eugenekay wrote: Fri Jan 24, 2025 5:43 am Can you capture a Wireshark dump of traffic between your Computer and the “updater.factorio.com” endpoint? In particular, the TCP handshake (SYN/ACK); and the following TLS handshake / certificate exchange. There should be some hints in the packet exchange to indicate where the error occurs.

My issue appears with the game server - what host is that connecting to? What Wireshark Capture filter would I use to get the required data?

Posted: **Fri Jan 24, 2025 11:21 am**

Rseding91 wrote: Fri Jan 24, 2025 3:44 am My mistake, 2.0.29 or 2.0.30 enabled it. I forget which.

Seems it's 2.0.30, because the previous versions work fine.

Disabling TLS requires me to log back in again every time. Was this the intended behavior? If so, could we make it remember the setting?

Currently, I have to perform these steps after each restart of Factorio:
1. Launch Factorio with TLS disabled
2. An SSL verification error appears
3. Log out of my account and log back in
4. Game updates and mod pages become functional

Posted: **Fri Jan 24, 2025 12:02 pm**

It appears that Factorio does not use the CA file on my system. In the CLI, I am able to connect to the update server via curl; however, the embedded curl within Factorio is unable to establish a connection (see logs below).

How can I tell Factorio to use my CA file?
The settings don't have any effects:

SSL_CERT_FILE
CURL_CA_BUNDLE
~/.curlrc

Factorio log

Code: Select all

   9.280 Factorio initialised
   9.283 Info HttpSharedState.cpp:55: Downloading https://updater.factorio.com/updater/get-available-versions?username=<user>&token=<private>&apiVersion=2
   9.410 Error HttpSharedState.cpp:175: CURL failed: code:60, 3c; SSL: certificate verification failed (result: 5)
   9.410 Info HttpSharedState.cpp:184: Downloading https://updater.factorio.com/updater/get-available-versions?username=<user>&token=<private>&apiVersion=2
   9.410 Info HttpSharedState.cpp:185: Status code: 0
  18.852 Quitting: user-quit.
  19.185 Goodbye

Curl log

Code: Select all

curl -v "https://updater.factorio.com/updater/get-available-versions?username=<user>&token=<token>&apiVersion=2"

* Host updater.factorio.com:443 was resolved.
* IPv6: (none)
* IPv4: 13.248.132.87, 35.71.145.101, 75.2.97.79, 99.83.151.71
*   Trying 13.248.132.87:443...
* Connected to updater.factorio.com (13.248.132.87) port 443
* ALPN: curl offers h2,http/1.1
* (304) (OUT), TLS handshake, Client hello (1):
*  CAfile: /etc/ssl/cert.pem
*  CApath: none
* (304) (IN), TLS handshake, Server hello (2):
* (304) (IN), TLS handshake, Unknown (8):
* (304) (IN), TLS handshake, Certificate (11):
* (304) (IN), TLS handshake, CERT verify (15):
* (304) (IN), TLS handshake, Finished (20):
* (304) (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / AEAD-AES256-GCM-SHA384 / [blank] / UNDEF

Posted: **Tue Jan 28, 2025 8:47 am**

I haven't been able to set up an environment in which I can reproduce this issue, and it seems there is not many of you being affected. I don't know why curl in Factorio has trouble using the system certificate bundle, but I wrote some code that will attempt to work-around this problem by switching to the built-in certificate bundle, which we already ship for Linux users we fail to load the system one for. This will go out in the next release (2.0.33).

Posted: **Tue Jan 28, 2025 4:31 pm**

The issue remains in version 2.0.33, but with at least the TLS disable feature preserved across restarts. I no longer need to perform a logout followed by a login after each launch.

Log with TSL enabled

Code: Select all

   8.990 Factorio initialised
   8.993 Info AuthServerConnector.cpp:617: Performing TLS check.
   8.994 Info HttpSharedState.cpp:55: Downloading https://auth.factorio.com/tls-check/success
   9.049 Error HttpSharedState.cpp:175: CURL failed: code:60, 3c; SSL: certificate verification failed (result: 5)
   9.049 Info HttpSharedState.cpp:184: Downloading https://auth.factorio.com/tls-check/success
   9.049 Info HttpSharedState.cpp:185: Status code: 0
   9.049 Info AuthServerConnector.cpp:634: TLS check failed, attempting to switch to built-in certificate bundle.
   9.049 Info HttpSharedState.cpp:55: Downloading https://auth.factorio.com/tls-check/success
   9.105 Error HttpSharedState.cpp:175: CURL failed: code:60, 3c; SSL: certificate verification failed (result: 5)
   9.105 Info HttpSharedState.cpp:184: Downloading https://auth.factorio.com/tls-check/success
   9.105 Info HttpSharedState.cpp:185: Status code: 0
   9.105 Info AuthServerConnector.cpp:639: TLS check failed. This could be a temporary connection error or the user's secure connection is broken.
   9.105 Info HttpSharedState.cpp:55: Downloading https://auth.factorio.com/tls-check/failure
   9.105 Info HttpSharedState.cpp:55: Downloading https://updater.factorio.com/updater/get-available-versions?username=<user>&token=<private>&apiVersion=2
   9.158 Error HttpSharedState.cpp:175: CURL failed: code:60, 3c; SSL: certificate verification failed (result: 5)
   9.158 Info HttpSharedState.cpp:184: Downloading https://updater.factorio.com/updater/get-available-versions?username=<user>&token=<private>&apiVersion=2
   9.158 Info HttpSharedState.cpp:185: Status code: 0
   9.270 Error HttpSharedState.cpp:175: CURL failed: code:60, 3c; SSL: certificate verification failed (result: 5)
   9.270 Info HttpSharedState.cpp:184: Downloading https://auth.factorio.com/tls-check/failure
   9.270 Info HttpSharedState.cpp:185: Status code: 0
  10.761 Quitting: user-quit.
  11.104 Goodbye

Factorio Forums

[2.0.30] Error after upgrade: (SSL: certificate verification failed (result: 5)

[2.0.30] Error after upgrade: (SSL: certificate verification failed (result: 5)

Re: [2.0.30] Error after upgrade: (SSL: certificate verification failed (result: 5)

Re: [2.0.30] Error after upgrade: (SSL: certificate verification failed (result: 5)

Re: [2.0.30] Error after upgrade: (SSL: certificate verification failed (result: 5)

Re: [2.0.30] Error after upgrade: (SSL: certificate verification failed (result: 5)

Re: [2.0.30] Error after upgrade: (SSL: certificate verification failed (result: 5)

Re: [2.0.30] Error after upgrade: (SSL: certificate verification failed (result: 5)

Re: [2.0.30] Error after upgrade: (SSL: certificate verification failed (result: 5)

Re: [2.0.30] Error after upgrade: (SSL: certificate verification failed (result: 5)

Re: [2.0.30] Error after upgrade: (SSL: certificate verification failed (result: 5)

Re: [2.0.30] Error after upgrade: (SSL: certificate verification failed (result: 5)

Re: [2.0.30] Error after upgrade: (SSL: certificate verification failed (result: 5)

Re: [2.0.30] Error after upgrade: (SSL: certificate verification failed (result: 5)

Re: [2.0.30] Error after upgrade: (SSL: certificate verification failed (result: 5)

Re: [2.0.30] Error after upgrade: (SSL: certificate verification failed (result: 5)