No credentials are available in the security package

Hi, I'm trying to setup secure web sockets so that I can run a webgl build of our Unity game.

I have unsecure web sockets and TCP working fine, but when I followed the instructions to get the SSL certificate installed, then try to run LoadBalancing, I get the following error -

4724: 09:13:26.023 - CService::OnException() - Exception: CCredentials::CreateCredentialsHandle() - No credentials are available in the security package

I know the ssl is valid because I'm also using it on the domain that the webgl is hosted (this is also where photon is running from). I've tried what I can but have hit a dead end, so if anyone could help me with this I would really appreciate it!

Comments

  • hi, @simoneglass

    Yeah, SSL setup is a quite annoying task. One wrong step and nothing works.

    Please recheck everything according to the tutorial we have on our site. Please ask concrete questions. in case of "Nothing works" difficult to help.
    Please provide us at least config you get in result.

    Here is some search result:
    https://itluke.online/2017/09/08/solved-id-1220-ldaps-8009030e-no-credentials-are-available-in-the-security-package/

    Please try and keep us posted about results
    best,
    ilya
  • simonglass
    edited June 2019
    I'm not sure what concrete question I should be asking to be honest.

    I followed the tutorial and got everything working with a self signed ssl, but swapping it to a certified one seems to be what is giving me problems.

    I'm using this setup in my config
    <WebSocketListeners>
    			<WebSocketListener
    				IPAddress="0.0.0.0"
    				Port="9090"
    				DisableNagle="true"
    				InactivityTimeout="10000"
    				OverrideApplication="Master"
    				Secure = "true"
    				StoreName = "MY"
    				CertificateName = "helm.applio.net"
    				UseMachineStore = "true">
    			</WebSocketListener>
    			<WebSocketListener
    				IPAddress="0.0.0.0"
    				Port="9091"
    				DisableNagle="true"
    				InactivityTimeout="10000"
    				OverrideApplication="Game"
    				Secure = "true"
    				StoreName = "MY"
    				CertificateName = "helm.applio.net"
    				UseMachineStore = "true">
    			</WebSocketListener>
    		</WebSocketListeners>
    
    In my first post is a copy of the error that I get when I start LoadBalancing. The result of that error is that load balancing stops and shuts down, I can't see any other errors as this appears to be the stopping point.

    Sorry if I haven't posted the right info here, I'm really not sure what my next steps should be now.

  • Well, I did send you a link, did you try it?

    best,
    ilya
  • Yes, I tried the link, thanks.

    I think I understand my problem a bit more now. I'm hosting photon server on a subdomain that already has an ssl certificate installed. I can't download the certificate and install it on the local computer as in the instructions, as to do that I need to generate a csr file to get a private key. By doing this I will invalidate my existing ssl certificate, which means that my domain will no longer be secure.

    I'm not sure how to fix this, do I need a second ssl certificate just for Photon?

    Thanks
  • JohnTube
    JohnTube ✭✭✭✭✭
    Hi @simonglass,

    Thank you for choosing Photon!

    I think you should have two configurations: one for local (development) and one for remote (production).
    Each configuration uses a different matching domain name and certificate.
  • Hi @JohnTube, thanks for your help

    The server I have photon running on is also used for our database, php and game hosting. This may be why I'm having problems, because it already has an ssl configured elsewhere as I outlined above.

    Does this mean Photon must run on its own server?
  • @simonglass in general, I would say that PhotonServer should be able to run on the same machine. But please try to set up everything on a different one

    best,
    ilya
  • If I set up everything on a new server then I can create a new ssl certificate and I should be able to install it okay. Obviously this would be a last resort though as I will have to then pay for and maintain two servers. I didn't want to host it at all but Photon Cloud doesn't offer a static IP...

    Is there a way that I can use the ssl that my domain is using (managed through godaddy) for Photon? helm.applio.net is secure, which is where photon is installed to, but I can't see a way to get photon to see that certificate as it isn't located on my server (so far as I'm aware). Photon load balancing doesn't seem to care that the domain is secure already but seems to want it's own certificate? I might be misunderstanding the installation instructions though as it only covers self signed certificates.

    Sorry, I know this is a pain but server maintenance isn't my area at all so this is mostly new to me
  • You can use any certificate you want but it must be stored on the server and you must configure the correct name and location in PhotonServer.config
    If you can't see it on your server you can import it by Just double click on the pfx certificate file and choose where you want to store it (current user or local machine).
    If you use local machine, your settings above are correct (UseMachineStore = "true")