Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


Ninho

Problems accessing certain sites (Https aka TLS)

Recommended Posts

3 hours ago, Zorba the Geek said:

Although browsing with 360 Extreme Explorer is not trouble free due to pages sometimes being displayed in Chinese and Russian it is only the fallback option when MyPal fails to load a website.

The answer about this issue is here:

https://msfn.org/board/topic/178380-extreme-explorer-360-chromium-78-general-discussion/?do=findComment&comment=1174038

 

Share this post


Link to post
Share on other sites

On 2/2/2020 at 3:36 PM, Raheem Jamali said:

Replacing ieframe.dll of Win XP with React OS ieframe.dll allows UC Browser, Chromium 49 and other browsers to use TLS 1.2 but still it requires few modifications. Replacing Crypto32.dll in win xp renders it non bootable.

On 2/4/2020 at 7:03 AM, ED_Sln said:

After replacing the file when loading the OS, an error began to appear about the missing call in the kerner32.dll file. In addition, Internet Explorer and the browser settings in the control panel have completely broken. Support for TLS 1.2 is added by KB4467770: https://support.microsoft.com/en-us/help/4467770/update-to-enable-tls-1-1-and-tls-1-2-as-secure-protocols-on-winhttp

What are you folks trying to accomplish here? Support for TLS 1.2 was added to XP (actually, POSReady '09) long ago by the above mentioned KB, and to IE8 specifically by KB4316682 (later cumulative IE8 updates should work too):

TLS 1.2 support is limited though, because native support for ECC (certificates and ciphers) was never added to XP.

On 2/4/2020 at 11:01 PM, Raheem Jamali said:

Yes I have managed to get it running with few modifications but it completely breaks Internet Explorer. I was testing that to get mbedtls to run in WinXp instead of native security protocol. It would be beneficial when mbedtls would support TLS 1.3 i guess then we would get real benefit. But yeah it breaks IE. Ieframe.dll, schannel.dll, bcrypt.dll mbedtls.dll these files i have replaced. 

If it's TLS 1.3 you want (without using ProxHTTPSProxyMII) on IE/Chrome, I'd bet you're going to have to perform some pretty major surgery. Might be better off just migrating to ReactOS, or just using a browser with native TLS 1.3 support like EE 360 or @roytam1's Serpent.

Share this post


Link to post
Share on other sites
11 hours ago, Mathwiz said:

What are you folks trying to accomplish here?

I only checked the probable possibility of using an alternative library, for example, if it had support for other encryption methods or support for TLS 1.3.

 

11 hours ago, Mathwiz said:

Might be better off just migrating to ReactOS

This OS is so unstable that it cannot be used even for tests.

Share this post


Link to post
Share on other sites

I've read the whole topic, but I lack the basic knowledge, and heinoganda is not on forums for few months... so can anyone help me concerning opening problematic sites on XP SP3 for x86, with Chrome 49.0.2623.112?

Share this post


Link to post
Share on other sites

Since I have a few Raspberry Pi's up running already I was wondering if there was a way to use one of them in the same way as ProxHTTPSProxy to get TLS 1.3 support?

Searched around a bit for a proxy server on Linux and there are quite a few but was hoping to find a simple one so if anyone have any pointers I'm all ears.

Share this post


Link to post
Share on other sites

Anyone knows where to find the latest Python source code to this HTTPSProxy, is it available somewhere?

Despite my low Python skills I would love to try to get it to run on a Raspberry Pi with latest Python 3.6+ to get support for TLS 1.3.

 

Share this post


Link to post
Share on other sites

@heinogandais the one to help with that, I hope he's still around.
Try sending him a PM.
:)

Share this post


Link to post
Share on other sites
56 minutes ago, Dave-H said:

@heinogandais the one to help with that, I hope he's still around.
Try sending him a PM.
:)

Thanks, sent him a PM a few days ago and hope he still visits this site.

Being able to run the HTTPSProxy on Linux would be awesome. My guess is that even a Raspberry Pi Zero W for $10 would be fast enough to handle the work for a couple of "legacy XP clients" on my LAN.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...