Crash: self signed certificate in certificate chain
curtisgibby opened this issue · comments
Consent
- I verified that there is no open/closed issue for the same subject.
- I understand that YTMDesktop have NO affiliation with Google or YouTube
Current Behavior
The app crashes with an error message complaining about self signed certificate in certificate chain
.
Expected Behavior
App opens and plays music.
Steps To Reproduce
- Have a self-signed cert.
- Open the app
- Play a song
YTMDesktop
2.0.0
OS
Windows
OS Version
10
Arch
x64
Installation way
.exe
Anything else?
YouTube Music Desktop App Crashed
Environment Details:
YouTube Music Desktop App 2.0.0
Electron 28.2.0
Windows NT 10.0.19044
Name: Error
Message: self signed certificate in certificate chain
Cause: Unknown
Error: self signed certificate in certificate chain
at TLSSocket.onConnectSecure (node:_tls_wrap:1603:34)
at TLSSocket.emit (node:events:517:28)
at TLSSocket._finishInit (node:_tls_wrap:1020:8)
at ssl.onhandshakedone (node:_tls_wrap:806:12)
Do you have any network level blocks?
Ads? privacy? etc?
Nope, nothing like that.
FYI I am also getting this same error on MacOS:
YouTube Music Desktop App Crashed
Environment Details:
YouTube Music Desktop App 2.0.0
Electron 28.2.0
macOS 14
Name: Error
Message: self signed certificate in certificate chain
Cause: Unknown
Error: self signed certificate in certificate chain
at TLSSocket.onConnectSecure (node:_tls_wrap:1603:34)
at TLSSocket.emit (node:events:517:28)
at TLSSocket._finishInit (node:_tls_wrap:1020:8)
at ssl.onhandshakedone (node:_tls_wrap:806:12)
Considering this application does not have any self signed certificates I would check your computer, network, and anything else related for something that is performing a man in the middle on your network traffic. Judging by the repro steps you state "Have a self-signed certificate" so that part seems intentional and in that case I would ensure you're not intercepting all your network traffic with it.
I'm going to close this a won't fix since at heart, while the application does crash, this issue will not be fixed as that would impose a security problem ignoring this.
While testing bits, we have stuff like Google's analytics blocked on our Office network and this does not caused the application to crash.
But curious to know what action is causing this to crash. On Boot (with the update failing) after a song is played or something~
Considering this application does not have any self signed certificates I would check your computer, network, and anything else related for something that is performing a man in the middle on your network traffic. Judging by the repro steps you state "Have a self-signed certificate" so that part seems intentional and in that case I would ensure you're not intercepting all your network traffic with it.
I am on a corporate laptop that requires the use of self-signed certs for some security things (I don't control any of this).
I'm going to close this a won't fix since at heart, while the application does crash, this issue will not be fixed as that would impose a security problem ignoring this.
Can you explain your rationale here? I am not sure why the app cares about a self-signed cert and I would be curious to know the reason it does. If it does matter for some reason, it seems that a proper warning or error message would be a better way to go (preferably with an option to continue). Crashing is indicative of a bug.
FWIW I do not have this issue using version 1.x on the same machine.
But curious to know what action is causing this to crash. On Boot (with the update failing) after a song is played or something~
For me it crashes on playing a song. Even after the app crashes, the song continues to play in the background until I click on "Ok" in the dialog box generated by MacOS saying the "app has crashed".
I am on a corporate laptop that requires the use of self-signed certs for some security things (I don't control any of this).
I do understand this is out of your control in these cases and this can be a common thing for corporate. You should seek to ensure that the certificate which would be intercepting network traffic is signed whatever is intercepting it CA and that CA is added to your machines trust store. If this is still a problem after then the application may be using its own trust store which would likely be a side effect of being electron/chrome and I would be willing to look into a fix for that.
Can you explain your rationale here?
I assume you might be seeing this from a browser perspective which allows to just continue regardless but this application, while being electron which is browser based, I don't have any interest in programming and providing the ability to just continue since it's not a local service that a self signed certificate would be for and should be served with. This also excludes the main process which isn't browser based and requires a little bit more hoops to just "continue anyways".
I assume you might be seeing this from a browser perspective which allows to just continue regardless but this application, while being electron which is browser based, I don't have any interest in programming and providing the ability to just continue since it's not a local service that a self signed certificate would be for and should be served with. This also excludes the main process which isn't browser based and requires a little bit more hoops to just "continue anyways".
That makes sense, I appreciate you taking the time to check into this @NovusTheory !