Happy2Play 9441 Posted November 15, 2021 Posted November 15, 2021 (edited) Maybe someone else has some insight or knowledge on this, has anyone one successfully used the new TVDB v4 plugin on Windows 7 and got it to work as it requires a minimum of TLS 1.2. I have done everything I could find online to activate TLS 1.2 on Windows 7, but no luck with this plugin. System.Net.Http.HttpRequestException: System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception. InnerException: System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception. InnerException: System.ComponentModel.Win32Exception: The message received was unexpected or badly formatted. Is this just beyond the protocols in Windows 7? Edited November 15, 2021 by Happy2Play
Luke 40074 Posted November 15, 2021 Posted November 15, 2021 Did you try the registry edits that can be found when google searching this issue?
Happy2Play 9441 Posted November 15, 2021 Author Posted November 15, 2021 5 minutes ago, Luke said: Did you try the registry edits that can be found when google searching this issue? Yes all have been applied. As mentioned in in other topic TLS 1.2 would appear to work, as api.github.com query works and it is TLS 1.2/TLS 1.3 also from the testing I have done. Even tried IISCrypto But still get the "The message received was unexpected or badly formatted." for V4 TVDB.
adminExitium 295 Posted November 15, 2021 Posted November 15, 2021 It's almost definitely due to the cipher suites that are available on Windows 7, none of which are currently supported on the new TVDB API server, which only supports a handful of newer cipher suites. Github on the other hand supports many more cipher suites. SSL Analysis of api4.thetvdb.com: https://www.ssllabs.com/ssltest/analyze.html?d=api4.thetvdb.com&s=13.35.125.115&latest#suitesBody SSL Analysis of api.github.com: https://www.ssllabs.com/ssltest/analyze.html?d=api.github.com#suitesBody Supported Cipher Suites on Windows 7 via IE11 (which uses the OS suites, unlike Firefox or Chrome who use their own bundled suites): https://www.ssllabs.com/ssltest/viewClient.html?name=IE&version=11&platform=Win 7 Microsoft Docs regarding supported suites on Windows 7: https://docs.microsoft.com/en-us/windows/win32/secauthn/tls-cipher-suites-in-windows-7 Similar Issue here: https://stackoverflow.com/questions/68458467/all-known-steps-have-been-taken-but-tls-1-2-is-still-not-working-on-windows-7 I guess someone could ask TVDB to allow a couple of the older Cipher Suites for wider compatibility? 1
Happy2Play 9441 Posted November 15, 2021 Author Posted November 15, 2021 (edited) It would appear this is not possible, do to Windows 7 not having the cipher suites TVDB is using. https://social.technet.microsoft.com/Forums/ie/en-US/d1a10844-18fb-4400-b649-60183c5f58c6/how-to-add-cipher-suite-to-windows-7-tlsrsawithaes128gcmsha256?forum=w7itprosecurity SSL2, SSL3, TLS 1.0 and TLS 1.1 cipher suites: TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P521 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P521 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P521 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P521 TLS_DHE_DSS_WITH_AES_128_CBC_SHA TLS_DHE_DSS_WITH_AES_256_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_RC4_128_MD5 SSL_CK_RC4_128_WITH_MD5 SSL_CK_DES_192_EDE3_CBC_WITH_MD5 TLS_RSA_WITH_NULL_SHA TLS_RSA_WITH_NULL_MD5 TLS 1.2 SHA256 and SHA384 cipher suites: TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P521 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P521 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P256 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P384 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P521 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P384 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P521 TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_NULL_SHA256 TLS 1.2 ECC GCM cipher suites: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P256 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P384 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P521 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P521 @kjhedges@Luke Edited November 15, 2021 by Happy2Play edit suites 2
adminExitium 295 Posted November 15, 2021 Posted November 15, 2021 Just for completeness, the SSL report for the current (v3?) API server of TVDB: https://www.ssllabs.com/ssltest/analyze.html?d=api.thetvdb.com#suitesBody 1 1
Happy2Play 9441 Posted November 15, 2021 Author Posted November 15, 2021 Opened a ticket on TVDB asking about this issue.
kjhedges 61 Posted November 16, 2021 Posted November 16, 2021 12 hours ago, Happy2Play said: It would appear this is not possible, do to Windows 7 not having the cipher suites TVDB is using. https://social.technet.microsoft.com/Forums/ie/en-US/d1a10844-18fb-4400-b649-60183c5f58c6/how-to-add-cipher-suite-to-windows-7-tlsrsawithaes128gcmsha256?forum=w7itprosecurity SSL2, SSL3, TLS 1.0 and TLS 1.1 cipher suites: TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P521 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P521 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P521 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P521 TLS_DHE_DSS_WITH_AES_128_CBC_SHA TLS_DHE_DSS_WITH_AES_256_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_RC4_128_MD5 SSL_CK_RC4_128_WITH_MD5 SSL_CK_DES_192_EDE3_CBC_WITH_MD5 TLS_RSA_WITH_NULL_SHA TLS_RSA_WITH_NULL_MD5 TLS 1.2 SHA256 and SHA384 cipher suites: TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P521 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P521 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P256 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P384 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P521 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P384 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P521 TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_NULL_SHA256 TLS 1.2 ECC GCM cipher suites: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P256 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P384 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P521 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P521 @kjhedges@Luke Thank you for confirming this. An upgrade of windows is now in order then lol
chef 3808 Posted November 16, 2021 Posted November 16, 2021 Just wanted to comment, in order to follow this thread. I am a windows 7 user still.. .. ... yup. I am experiencing issues with the api, and hopefully we see thetvdb allow support for older machines.
kjhedges 61 Posted November 16, 2021 Posted November 16, 2021 I have now migrated to windows 10. No problems with migration. All users and activity still in place. 1
chef 3808 Posted November 17, 2021 Posted November 17, 2021 A little bit more information here. I'm actually seeing issues with Win 8. I forgot that my test server for programming is actually running on windows 8.1(I really have to change that... Win 8 is horrendous) I see this in the test server logs: 2021-11-16 21:56:18.212 Error App: Error in TheTVDB *** Error Report *** Version: 4.7.0.18 Command line: C:\Users\Benjamin\AppData\Roaming\Emby-Server\system\EmbyServer.dll -noautorunwebapp Operating system: Microsoft Windows 6.3.9600 Framework: .NET 6.0.0-rtm.21522.10 OS/Process: x64/x64 Runtime: C:/Users/Benjamin/AppData/Roaming/Emby-Server/system/System.Private.CoreLib.dll Processor count: 4 Data path: C:\Users\Benjamin\AppData\Roaming\Emby-Server\programdata Application path: C:\Users\Benjamin\AppData\Roaming\Emby-Server\system System.Net.Http.HttpRequestException: System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception. ---> System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception. ---> System.ComponentModel.Win32Exception (0x80090326): The message received was unexpected or badly formatted. --- End of inner exception stack trace --- at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst, Byte[] reAuthenticationData, Boolean isApm) at System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, Boolean async, Stream stream, CancellationToken cancellationToken) --- End of inner exception stack trace --- at Emby.Server.Implementations.HttpClientManager.CoreHttpClientManager.SendAsyncInternal(HttpRequestOptions options, String httpMethod) at Emby.Server.Implementations.HttpClientManager.CoreHttpClientManager.SendAsync(HttpRequestOptions options, String httpMethod) at Tvdb.EntryPoint.EnsureToken(CancellationToken cancellationToken) at Tvdb.EntryPoint.GetResponse(HttpRequestOptions request, String method) at Tvdb.TvdbEpisodeProvider.FetchMainResult(String seriesId, String seasonType, CancellationToken cancellationToken) at Tvdb.TvdbEpisodeProvider.DownloadEpisodesInfo(String id, String seasonType, CancellationToken cancellationToken) at Tvdb.TvdbEpisodeProvider.GetEpisodeData(EpisodeInfo searchInfo, Boolean fillExtendedInfo, CancellationToken cancellationToken) at Tvdb.TvdbEpisodeProvider.GetMetadata(EpisodeInfo searchInfo, CancellationToken cancellationToken) at MediaBrowser.Providers.Manager.MetadataService`2.ExecuteRemoteProviders(MetadataResult`1 temp, LibraryOptions libraryOptions, String logName, TIdType id, IEnumerable`1 providers, CancellationToken cancellationToken) Source: System.Net.Http TargetSite: Void MoveNext() InnerException: System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception. Source: System.Net.Security TargetSite: Void MoveNext() at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst, Byte[] reAuthenticationData, Boolean isApm) at System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, Boolean async, Stream stream, CancellationToken cancellationToken) InnerException: System.ComponentModel.Win32Exception: The message received was unexpected or badly formatted. Source: TargetSite:
Happy2Play 9441 Posted November 17, 2021 Author Posted November 17, 2021 1 minute ago, chef said: A little bit more information here. I'm actually seeing issues with Win 8. I forgot that my test server for programming is actually running on windows 8.1(I really have to change that... Win 8 is horrendous) I see this in the test server logs: 2021-11-16 21:56:18.212 Error App: Error in TheTVDB *** Error Report *** Version: 4.7.0.18 Command line: C:\Users\Benjamin\AppData\Roaming\Emby-Server\system\EmbyServer.dll -noautorunwebapp Operating system: Microsoft Windows 6.3.9600 Framework: .NET 6.0.0-rtm.21522.10 OS/Process: x64/x64 Runtime: C:/Users/Benjamin/AppData/Roaming/Emby-Server/system/System.Private.CoreLib.dll Processor count: 4 Data path: C:\Users\Benjamin\AppData\Roaming\Emby-Server\programdata Application path: C:\Users\Benjamin\AppData\Roaming\Emby-Server\system System.Net.Http.HttpRequestException: System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception. ---> System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception. ---> System.ComponentModel.Win32Exception (0x80090326): The message received was unexpected or badly formatted. --- End of inner exception stack trace --- at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst, Byte[] reAuthenticationData, Boolean isApm) at System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, Boolean async, Stream stream, CancellationToken cancellationToken) --- End of inner exception stack trace --- at Emby.Server.Implementations.HttpClientManager.CoreHttpClientManager.SendAsyncInternal(HttpRequestOptions options, String httpMethod) at Emby.Server.Implementations.HttpClientManager.CoreHttpClientManager.SendAsync(HttpRequestOptions options, String httpMethod) at Tvdb.EntryPoint.EnsureToken(CancellationToken cancellationToken) at Tvdb.EntryPoint.GetResponse(HttpRequestOptions request, String method) at Tvdb.TvdbEpisodeProvider.FetchMainResult(String seriesId, String seasonType, CancellationToken cancellationToken) at Tvdb.TvdbEpisodeProvider.DownloadEpisodesInfo(String id, String seasonType, CancellationToken cancellationToken) at Tvdb.TvdbEpisodeProvider.GetEpisodeData(EpisodeInfo searchInfo, Boolean fillExtendedInfo, CancellationToken cancellationToken) at Tvdb.TvdbEpisodeProvider.GetMetadata(EpisodeInfo searchInfo, CancellationToken cancellationToken) at MediaBrowser.Providers.Manager.MetadataService`2.ExecuteRemoteProviders(MetadataResult`1 temp, LibraryOptions libraryOptions, String logName, TIdType id, IEnumerable`1 providers, CancellationToken cancellationToken) Source: System.Net.Http TargetSite: Void MoveNext() InnerException: System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception. Source: System.Net.Security TargetSite: Void MoveNext() at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst, Byte[] reAuthenticationData, Boolean isApm) at System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, Boolean async, Stream stream, CancellationToken cancellationToken) InnerException: System.ComponentModel.Win32Exception: The message received was unexpected or badly formatted. Source: TargetSite: If this is correct It looks the same as Windows 7. TLS Cipher Suites in Windows 8.1 - Win32 apps | Microsoft Docs Qualys SSL Labs - Projects / User Agent Capabilities: IE 11 / Win 8.1
Happy2Play 9441 Posted November 19, 2021 Author Posted November 19, 2021 Response from TVDB Quote Is there any chance of you adding a cipher suite that is compatible with Windows 7? Quote Unfortunately we won't be doing that. Sorry about that.
Happy2Play 9441 Posted November 19, 2021 Author Posted November 19, 2021 Looks like we may need an announcement about TVDB v4 TLS 1.2 cipher suite requirement as older Windows systems will not meet the requirements. @Luke May need to update system requirements also, but there is a major difference in Emby requirements and this plugins TVDB 1.1.0.0+ (v4). Or a note about the minimum requirement using TVDB plugin on our requirements KB. @cayars
Carlo 4552 Posted November 19, 2021 Posted November 19, 2021 Thanks for the heads up on that @Happy2Play. I've not followed TVDB V4 at all as I knew you and other were on it. Do you happen to have a link handy about this? If not I'm sure I can Google it.
chef 3808 Posted November 19, 2021 Posted November 19, 2021 Hmm... There must be a hack somewhere to get win 7 to have these ciphers. But, it probabaly worth just updating. I will miss my desktop. It is exactly the way I like it.
kjhedges 61 Posted November 19, 2021 Posted November 19, 2021 11 hours ago, chef said: But, it probably worth just updating. I will miss my desktop. It is exactly the way I like it. Luckily, my Emby server is a separate machine so I never miss my old faithful windows 7 Desktop. 1
Gripweed107 4 Posted November 19, 2021 Posted November 19, 2021 There's a possibility that "No" may not mean "No". Ticketed and labeled as an enhancement. https://github.com/thetvdb/v4-api/issues/149 Please show support for it.
Gripweed107 4 Posted November 21, 2021 Posted November 21, 2021 Problem solved thanks to SirSparkles AKA Sparky at TV Rename. TVDB (API v4) added in some additional ciphers so that Win 7 & 8 users can connect now. Latest TLS analysis of api4.thetvdb.com 1
Luke 40074 Posted November 21, 2021 Posted November 21, 2021 11 minutes ago, Gripweed107 said: Problem solved thanks to SirSparkles AKA Sparky at TV Rename. TVDB (API v4) added in some additional ciphers so that Win 7 & 8 users can connect now. Latest TLS analysis of api4.thetvdb.com Excellent, that will save us some troubleshooting. Thanks for the update.
Happy2Play 9441 Posted November 21, 2021 Author Posted November 21, 2021 Yes have verified working on Windows 7. Really surprised they added the Weak ciphers. @kjhedges @chef 2
chef 3808 Posted November 21, 2021 Posted November 21, 2021 1 hour ago, Happy2Play said: Yes have verified working on Windows 7. Really surprised they added the Weak ciphers. @kjhedges @chef That is great news. I'll get to keep my server the way it is for a while longer now . 1
Gripweed107 4 Posted November 22, 2021 Posted November 22, 2021 As a Emby and TV Rename user I am doubly happy now especially since I had just recently stupidly paid for a yearly subscription with TVDB and it appeared as a Win7 user that I was going to be locked out of v3 & v4 shortly.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now