Unity Curl Error 60 with Authenticating Custom

Hey guys, I’m working on connecting our Unity game to the client’s server right now. The creation of the client seems to be successful but when upon doing a CustomAutentication using an existing account from their Nakama Console, I run into this:

Curl error 60: Cert verify failed: UNITYTLS_X509VERIFY_FLAG_USER_ERROR1

The game is on the WebGL platform and I’m very new to all of this. Results online indicate that this has to do with the SSL certificate which makes sense because the scheme I have set for the connection is “https”. Some guidance on how to fix this error would be much appreciated.

Hello @ProgramPlotam,

Assuming that you are running the client and server locally, you don’t need to use SSL since these processes are running on a trusted machine and communicating through a trusted one, which is yours.

The only situation where you do need it, is when you’re communicating with remote machines and you need a way of establishing a secure connection (making sure machines that relay messages aren’t looking at what you are sending/receiving). To accomplish this, systems rely certificates and certificate authorities that are worldwide trusted entities, so much that your local machine already includes base certificates emitted by them and which are used to cross validate with the certificate of the server you desire to communicate with without any extra work on your side.

You can learn more about all of this details here and its related pages: https://www.cloudflare.com/learning/ssl/what-is-ssl/

In summary, you don’t need it for local development and you should avoid it because to make it work you would need to do something like this:

  • Emit a self-signed certificate since getting one from certificate authority would cost you money and require you to associate it to a domain owned by you which also costs money
  • Setup the server or a proxy in front, i.e NGINX, to use it
  • Configure your local machine to recognise the certificate you just created which is only trusted by you

In the end all of these steps derail you from focusing on what you really want so I recommend that you setup the scheme based on the environment you are running. Local → HTTP and when the server runs on a remote machine → HTTPS.

Hey @flavio thanks for the explanation

If I’m connected to host:localhost, I should be using scheme:HTTP. Right now I’ve set host:client's server URL. I want to test and make sure the game is able to establish a connection to their server and that it runs well. In this case, would I use HTTP or HTTPS for the scheme.

Upon deployment of the game, scheme:HTTPS should be what I set, correct?

Yes, that’s correct @ProgramPlotam.

Hi thanks for joining @ftkg,

I want to test that the deployment won’t have a problem connecting to their server with the HTTPS scheme. Is there anyway to test that or am I worrying too much?

You could test your current build at any point by connecting to the production server with HTTPS.

What do you mean by “connect to the production server”? Would that be setting the host to the server URL or would that be uploading the build to the server?

That should be connecting your Unity game to the production server by setting the https host URL, unless I’m missing something here.

When I got this error, my setup was:

Scheme: HTTPS
Host: Server URL

If I did the same again, I would be getting the same error.

From this thread, I’ve understood that when testing we should set Scheme: HTTP but now I want to simulate a deployment with Scheme:HTTPS. How do I get my test to work with https?

If you’re still having errors with HTTPs, that’s something you will definitely need to solve first.
That error you sent seems to be a Unity specific issue with server certificates that emerged recently.

I think your best course of action is to work with your server/backend team and query Unity support directly, as it does not relate to Nakama.

Guess I’ve been looking at the wrong place. Thanks for sticking with me @ftkg!