We started implementing support for Cryptlex in our applications, and on windows, it seems to work perfectly. However, now we tried to use it in our linux applications as well. And there it always returns error code 48 (Network error). We use the cryptlex library via static linkage, on an ubuntu 22 linux server. Maybe we miss some libraries ?
Stephane van Hardeveld
Some extra info, via debug mode:
- Trying 126.96.36.199:443…
- Connected to api.cryptlex.com (188.8.131.52) port 443 (#0)
- mbedTLS: Connecting to api.cryptlex.com:443
- mbedTLS: Set min SSL version to TLS 1.0
- ALPN: offers h2
- ALPN: offers http/1.1
- ssl_handshake returned - mbedTLS: (-0x4380) RSA - The PKCS#1 verification failed
- Closing connection 0
Could this mean the ProductData or ProductID is incorrect? (Using the same as on Windows)
Verified ProductID and ProductData, these are correct
Please try installing ca-certificates package on the machine
sudo apt install ca-certificates
Reading package lists… Done
Building dependency tree… Done
Reading state information… Done
ca-certificates is already the newest version (20211016ubuntu0.22.04.1).
ca-certificates set to manually installed.
0 upgraded, 0 newly installed, 0 to remove
I did an apt update && apt upgrade to be safe, but no luck
Can you confirm that any anti-virus or network sniffer is not trying to listen/modify the network requests?
Yes, I can. I think it is related to something in Ubuntu 22 explicitly (I know they hardened it, and removed support for some of the older key exchange routines, especially for ssh, and are using openssl3 iso. openssl 1.1.1)
I tested it on an ubuntu20.04 hyper v image, (on the same host PC), here it is working as expected
If you need, you can install our application easily on one of your own systems, via snap. Just let me know, and I will give you the exact snap command
Is it replicable inside a Docker container, in case your app can run inside a container? Does it replicate without packaging it as a snap?
It should. But then you will need a docker based on an ubuntu 22 docker, not for instance alpine.
I get back to you with a docker image
Well, this was unsuspected… cryptlex Activate trial worked inside a Docker, based on ubuntu 22. While the docker was running inside the Ubuntu 22 instance it did not work on before. Not sure the docker image will help you now?
Yes, running directly on an ubuntu 22, it still fails with the mbedtls error. Not installed via snap, but directly from commandline
We will investigate the issue and get back to you.
Also, please check if v3.19.2 works in your case.
2023-01-12 14:13:29,105 Info : (tid: 140139254761024) Cryptlex library version is 3.19.2
2023-01-12 14:13:29,797 Warning : (tid: 140139254761024) Trial activation failed 48
We tried it on a Ubuntu 22.04 machine and the activation worked fine. I guess the issue is specific. to your machine. Can you try on any other machine with Ubuntu 22.04.
I tried on an AWS EC2 instance, and locally on a Hyper-V instance. Both the same result, unable to gat a connection to the Cryptlex server, due to SSL issue.
I did try to use LA_SYSTEM, but no luck either. Then I build a Debug version of our application, and this one works on my Hyper-V instance! Both LA_USER and LA_SYSTEM!
Any idea why this is? The linux download only contain one static library variant, where the windows download contains both a debug and a release variant.
Which debug version are you referring to? There is no debug version for Linux.
Are you using the official Ubuntu 22.04 image?
I meant debug version of our applications.
I did some more testing, and it seems it only fails if I use:
Static linkage of libLexActivator.a in release mode of our applications.
If I use dynamic linkage, to libLexActivator.so, in both debug and release mode, it works. And if I use static linkage to libLexActivator.a in debug mode, it works as well.
Did you test in Ubuntu 22 with static linkage as well?
And yes, I am using the latest official Ubuntu 22 image
Stephane van Hardeveld
We have tested linking LexActivator statically in Ubuntu 22.04 and 22.10, and activating the trial works fine in both. Can you please share a sample(using sample.cpp) which replicates the issue with