Summary
We were recently informed that if the Addressables network connection has an SSL error the Addressables retry is ignored.
To mitigate this a small modification to the Addressables package’s code should be made as described below. In addition the RETRY parameter of the Addressables Groups should be set to 30 and the Max Connections set to 10.
Details
A user reported multiple SSL errors when trying to load assets from Cloud Content Delivery on multiple Samsung devices.We were able to reproduce the scenario:
- Samsung Note 9
- Mobile network with speed ~3-5 Mbps
- Addressables 1.19.19
- CCD Management API 1.0.0-pre.2
Reproduction Steps
- Download your game/application and install on a Android device
- Restart device
- Disable Wi-Fi
- If possible be on a slow mobile connection
- If possible connect device to a laptop and open LOGCAT
- Launch application
- Observe possible SSL error in logcat
- Curl error 52: Cert verify failed: UNITYTLS_X509VERIFY_FLAG_USER_ERROR1 UnityWebRequest result : ConnectionError : SSL CA certificate error
- Curl error 60: Cert handshake failed. verify result: UNITYTLS_X509VERIFY_FATAL_ERROR. error state: 7
Workaround
The workaround involves a few verifications within the editor, as well as some modifications to the package.
EDITOR
- Backup your project
- Go to Window > Asset Management > Addressables > Groups
- Click on the asset groups
- In the Inspector window click on Advanced Options
- Change Retry Count to 30
- Go to Window > Asset Management > Addressables > Settings
- Under Downloads in the Inspector window change Maximum Concurrent Web Requests to 10
PROJECT FOLDER
- Locate and open your project folder
- Locate the folder Library > Package Cache >com.unity.addressables@1.19.19
- Move the folder into Packages NB:Moving the file will allow you to edit the code without the package manager attempting to re-import the un-modified code.
- Go to com.unity.addressables@1.19.19 > Runtime > ResourceManager > Util
- Open the file UnityWebRequestUtilities.cs with VS Code or equivalent.
- Modify Line 137 by commenting out Error == "SSL CA certificate error |"
- Save your changes
- Return to the Editor
EDITOR
- Rebuild your assets. You must create a New Build script for your assets; failing to do so may lead to the error still being present.
Conclusion
This doesn’t eliminate the SSL errors completely. If a connection is bad, and the retries fail and certificate cannot be verified you may still receive an error message. During testing we were able to see a 75% improvement to errors. This may even be closer to 100% depending on the circumstances. If these steps were taken and there are still errors that cannot be bypassed, please create a support ticket.
Comments
2 comments
Is the workaround for this issue still the same? It is a pain to make the Unity Addressables package embedded just to change one line of code for this issue.
Whenever someone new checks out the project in git or sometimes even when we switch branches, Unity has compile errors for the Addressables package which we can only resolve by either:
The compile errors happen even with the package committed in git under the Packages folder, it seems like Unity is trying to include both that version and the version from the packages registry.
As F5Foxie questioned, can you please confirm if this change has or is making it into an Addressables package version? If it's a known issue it seems odd not to be rolled into the core package. I'm a little worried bumping the retry count to 30; wouldn't this result in a very long (undesirable) delay to the user whilst the retries complete? I believe we've had this issue with at least one internal user but it's difficult to identify without interrogating the device logs, which we don't have access to 'in the wild'.
Please sign in to leave a comment.