AstroSkipper

To be honest, I am not surprised at all ...

@Snowshoe! However, the address https://ms.kartkrew.org/ms/api/games/SRB2Kart/10/servers?v=2.2 exists and can be accessed by IE8 while running ProxHTTPSProxy: ProxHTTPSProxy's log is fine, no errors: Cheers, AstroSkipper

Totally forgot to mention! This version is the most recent. Furthermore, I changed a bit the entry in the config.ini file: ### Ignore SSL certificate verify, Use at your own risk!!! ### Proxy setting still effective [SSL No-Verify] fe2.update.microsoft.com *.12306.cn https://ms.kartkrew.org/*

... Leave that envvar empty/don't use it at all, so that your ISP connection is used DIRECTLY for the cert revocation check (which is performed over plain HTTP); in any case, only the secure connections the game attempts should be redirected to the TLS proxy, i.e. ONLY the HTTPS_PROXY envvar should be used... Just my 2c, of course... Agreed! Do not use http_proxy=localhost:8081 and try again! BTW, the address https://ms.kartkrew.org/ms/api does not exist, neither in IE8 nor in New Moon 28, i.e. leads to the well-known 404 error: Same error in your logs!

Which version of ProxHTTPSProxy are you using?

Hello @Snowshoe! I could successfully connect to https://ms.kartkrew.org/ using IE8 with ProxHTTPSProxy (part of my package ProxHTTPSProxy's PopMenu TLS 1.3 3V3) enabled: To connect successfully, you have to edit the config.ini of ProxHTTPSProxy under the section [SSL No-Verify]: Cheers, AstroSkipper

In my article "ProxHTTPSProxy and HTTPSProxy in Windows XP for future use", you will find a download link of Proxhttpsproxy 1.3a in the section 11.1. Archived Downloads {obsolete}.

Hello @Vistapocalypse! WiseVector StopX does not provide more details about the hardware requirements, neither in the program documentation nor in the FAQ on their homepage. I own additionally an old computer with an Athlon XP 3200+ CPU which comes with the SSE instruction set, but lacks of the SSE2 feature. I will test WiseVector StopX on this computer the next days, when time is available, of course.

Best regards. Back on topic! A few days ago, I had a similar problem with wget. Among other things, my self-created batch file should download a certain file from a server which leads to an error. I was able to fix the problem by adding an option to wget that disables the server certificate check against the available certificate authorities. With the option --no-check-certificate, wget was able to download the desired file again without any problems. Curl is a similar program which is able to download files from servers. It uses SSL/TLS protocols which can be controlled by different options as for example --sslv3, --tlsv1.2, --tlsv1.3, --tls-max and so on. Furthermore, curl has a lot of proxy options: --proxy [protocol://]host[:port] Use this proxy --proxy-anyauth Pick any proxy authentication method --proxy-basic Use Basic authentication on the proxy --proxy-cacert <file> CA certificate to verify peer against for proxy --proxy-capath <dir> CA directory to verify peer against for proxy --proxy-cert <cert[:passwd]> Set client certificate for proxy --proxy-cert-type <type> Client certificate type for HTTPS proxy --proxy-ciphers <list> SSL ciphers to use for proxy --proxy-crlfile <file> Set a CRL list for proxy --proxy-digest Use Digest authentication on the proxy --proxy-header <header/@file> Pass custom header(s) to proxy --proxy-insecure Do HTTPS proxy connections without verifying the proxy --proxy-key <key> Private key for HTTPS proxy --proxy-key-type <type> Private key file type for proxy --proxy-negotiate Use HTTP Negotiate (SPNEGO) authentication on the proxy --proxy-ntlm Use NTLM authentication on the proxy --proxy-pass <phrase> Pass phrase for the private key for HTTPS proxy --proxy-pinnedpubkey <hashes> FILE/HASHES public key to verify proxy with --proxy-service-name <name> SPNEGO proxy service name --proxy-ssl-allow-beast Allow security flaw for interop for HTTPS proxy --proxy-tls13-ciphers <ciphersuite list> TLS 1.3 proxy cipher suites --proxy-tlsauthtype <type> TLS authentication type for HTTPS proxy --proxy-tlspassword <string> TLS password for HTTPS proxy --proxy-tlsuser <name> TLS username for HTTPS proxy --proxy-tlsv1 Use TLSv1 for HTTPS proxy --proxy-user <user:password> Proxy user and password --proxy1.0 <host[:port]> Use HTTP/1.0 proxy on given port --proxytunnel Operate through an HTTP proxy tunnel (using CONNECT) Frankly, I don't really see the need to use curl with ProxHTTPSProxy. It should also do its job without this proxy in Windows XP. About programs with curl embedded, I can't say anything detailed. These programs would have to be specified more clearly. Maybe, @Snowshoe can explain more detailed what kind of programs he referred to, what he actually wants to achieve with these curl programs and why he needs a connection established by ProxHTTPSProxy, including the command line input or other execution commands which leads to the error. In any case, the curl option --ssl-no-revoke prevents the cert revocation check with the server to be connected. Are these the droids you're looking for? Probably not! Greetings from Germany, AstroSkipper

Some MSFN members agree with you, particularly in the Windows XP forum. Most recently, AstroSkipper posted November 6 about switching from Avast to WiseVector StopX, and it had been discussed earlier in that same thread, which Vista users have also posted in. (Few antivirus products supported Vista any longer than XP.) I wonder if it works with extended kernel? I have been using now WiseVector StopX for a couple of months and I don't regret my change, on the contrary, I am very satisfied and really positively taken with it.

Thank you for Your attention and my best wishes to You. You're welcome! And dito! I love it!

@Snowshoe! I have checked your log file. Try following command line option with curl: --ssl-no-revoke. This disables cert revocation checks (Schannel) which most probably caused the error 0x80092012. You should do that only if you trust the server you want to connect. I had a similar problem with wget in the past, and disabling cert revocation was the way to solve it. Cheers, AstroSkipper

That's a very clever project. You reported an issue in Pale Moon, and they checked it in browsers based on Chromium.

I fully agree with that! I am additionally an Android user since 2014, and so unfortunately I am a slave under Google's rule. I keep trying to free myself as much as I can, but it is almost impossible to do so completely. Unfortunately, all my browsers on Android are based on Chromium. There are simply no alternative browser engines.

That's not out of context. Did I mention you? If you think that this does not apply to you, then you should not feel addressed. You are not the only member of this forum. People who refer everything to themselves have a problem, of course.

Hello @VistaLover! Does that mean that @cmalex's TLS 1.3 proxy ProxyMII https://www.mediafire.com/file/pdy1cd8insmdq7g/ProxyMII_220717.7z/file (not my package ProxHTTPSProxy's PopMenu TLS 1.3 3V3) is not running under Windows Vista? Did you test ProxyMII in this OS in the past? I can't do that because I don't use this operating system. BTW, the handling of this proxy is fully documented in my main article ProxHTTPSProxy and HTTPSProxy in Windows XP for future use in the section 8.

As far as I can see, rzbrowser and retrozilla-suite were last updated on 2022-12-08. That's pretty recent for browsers targeting such old operating systems like Win 95+, isn't it?

Hello @roytam1! Even though there are members here who don't appreciate weekly updates of your browsers, I would like to thank you for your regular browser releases, the time you spend on them and your enthusiasm. You maintain so many projects with an incredible continuity that is quite impressive. New Moon 28 and Serpent are my main browsers in Windows XP. And they even work with YouTube on older computers, where 360Chrome is a total failure. Many thanks for that!

Hello @Snowshoe! Here are two screenshots with the settings of my SocksCap64 installation: If you have any further questions, do not hesitate to ask here! Cheers, AstroSkipper

Here is a screenshot of the Web Developer menu of New Moon 28.10.6a1 (32-bit) (2023-01-19) in the German language (Web-Entwickler): My modified language pack is fully working, and all has been translated. BTW, New Moon 28 is my main browser under Windows XP, even in 2023. Cheers, AstroSkipper

Does it really work? The last time I wanted to use a Pale Moon lang pack in New Moon I had no success. kind regards soggi Hi @soggi! For New Moon 28, I use the German language pack from here: https://github.com/JustOff/pale-moon-localization/releases/download/28.10.0_RC1/de.xpi which I modified myself a long time ago in terms of the dev tools. You are German like me , therefore you are lucky and can use my already modified language pack file de-mod-content-dev.xpi. Here is the link: https://www.mediafire.com/file/99riihhfrxrju2k/de-mod-content-dev.xpi/file Cheers, AstroSkipper

The program LegacyUpdate 1.6.1 has been updated and is now available in version 1.6.2. Changelog from GitHub: I've already updated my original post, too. Cheers, AstroSkipper

Hello @cmalex! Welcome back! I hope everything is OK with you. I send you my warmest greetings! And thanks for helping here! Always appreciated! Cheers, AstroSkipper

Can you demonstrate how to get this working with ProxHTTPSProxy? Or show your settings inside SocksCap64? It doesn't have a HTTPS proxy setting, only HTTP, which doesn't work for me. I am trying to use programs that do use HTTPS but don't use the system proxy server (including programs that use libcurl.dll, or have curl static compiled into the executable). Simply updating root certificates and enabling TLS 1.2 in IE is not enough, I get a mis-matched hostname certificate error when trying to run programs that use curl (or go on certain sites with IE when ProxHTTPSProxy isn't enabled, for that matter). Also, redirecting requests from curl to plain HTTP is not always possible because the server does not serve plain HTTP and only uses a 301 redirect to HTTPS regardless of the URL. Hello @Snowshoe! I tested SocksCap64 with some browsers and it worked perfectly. You can try any other application but there might be some which won't work properly with SocksCap64. It's always trial and error. Anyway! Next time I'm at my desktop computer, I'll take some screenshots of my settings and post it here for you.

Does anyone still have a copy of this hotfix? The links in their forums to their BOX site are all broken as are any of the direct downloads in the forum threads I could find there. If not I guess I'll track down 2.1.6 which was the last version that did not need the patch. I know that MBAM 2 is now out of support so doesn't get updates but was looking for a quick solution for doing offline scans for mostly period malware anyways on a Athlon XP machine (SSE1 only). From what I was seeing the patch is mostly in regards to a Qt5 library? Though I'm trying to find that original post again that mentioned that Hi @Chartreuse! I have a copy of the file Malwarebytes_2.1.8_SSE2_Hotfix.zip in my personal archive. Still interested?