Flight 1 Help

[JoeW]

Hi giuys .......
I just Wiped my hard drive and boot sector and installed Windows 7. I have it up and running with most of the program installed. I have FTX PNW Blue and the concrete, Isreal's Farm area installed.
I have Or rather had from Flight 1, AFX, Instant Scenery 2, Flight Replicas Super Cubs installed. Now every time I try to install any one of these programs I can't connect to Verify that I bought them and have a legal right to install them. I keep getting the message below at the time that it should be verifying it.
Has anyone had this problem?

[Meshman]

Hey Joe,

Flight1 has a long page dedicated to Vista, but a lot still applies to Win7;

http://www.flight1.com/view.asp?page=vista

I've seen postings about running the red installers by right-clicking and setting to run as Administrator, so be sure you're doing that. Firewall? You didn't mention which you are using, but there will probably be a permissions setting or two to set within Win7.

I'll probably be upgrading from XP to Win7 soon, so I hope you get things working and share any insights, as I have most all (if not all) of their tools that will need to be reinstalled.

[wantok]

Sorry to hear that, Joe. I always dread trying to uninstall Flight1 products for the very reason you're going thru. Online activation is a pain so I always backup full software (.exe and proof of purchase, etc) before uninstalling F1 products. Since you wiped your HD clean, I suggest you contact F1 directly to assist restore your products.

[JoeW]

I have tried everything I can think of. Including Booting in Safe Mode and installing ....... nope .
I have done every thing they said ....... still get that connection notice.
Meshman ....... thats exactly what I did...... I did a backup on a 500 gb external HD and restored after installation. This works great for most programs. I restored Firefox with ALL..... ALL favorites. Win 7 doesn't have Outlook Express any more, so I installed Win live mail ....... restored just great ..... all of my addresses were imported. The backup with FSX will bite you. It restores your FSX.cfg and several other things and that keeps FSX from running. You have to remove those and reinstall.
F1 is the only thing I have problems with.

Meshman ....... There is File transfer Program in XP ....... don't use it ..... wont work with Win7. Do a search for another File Transfer Program that MS has that does work with XP and Win 7.
File name is: mssefullinstall-x86fre-en-us-XP.zip
I think ....................

[falcon409]

Joe,
That's very similar to the error I was getting when I tried to open Plan-G and it turned out to be rooted in "Internet Explorer". You asked how I corrected that problem and I gave you a step by step. Did you check your IE to see if the connection information was correct?:salute:

[Meshman]

In the first quarter of this year I had computer problems and bought a Win7 upgrade in the hpoes it would "fix" things. Turned out to be a mobo problem and I went back and installed XP for both systems. The little bit of exposure to Win7 says I'm going to be having some fun when I get it permanently installed...

Joe, it should be obvious that you're working from the .EXE file that has the red arrow on it, the unwrapper? Not the extracted program. When you run the downloaded unwrapper there is a section for you to test your internet connection to the Flight1 servers. Have you done that? It will probably tell you the same thing, that there is a problem making a connection. If so, you're going to need to open up the firewall so that unwrapper can gain access to the web. Some one with Win7 will need to assist you on how that is accomplished. Like I mentioned earlier, a lot of times even though you are set up on the computer as the Administrator, you may still need to right-click on the unwrapper program and select "Run as Administrator" so that it functions with a higher level of permission than it otherwise would.

While I was active at the F1 forums as a CP I focused on the tools and scenery products, not planes and e-commerce. If the above doesn't help much, your best bet is to hit the Flight1 forums for assistance.

[JoeW]

Falcon: Yes I tried that. It didn't work either.

Meshman: I also ran it as administrator with the firewall, anti-virus and ad-aware programs all disabled. I still got the message with that.
I think I have it set up where I'm the only user with all rights right now.

[XLR8]

Just my 2 cents here. I also hate flight 1 activation. I have several programs and have never been able to back them up. The only way I could get them to work after the first install is to redownload and reactivate them. once that wrapper is gone its gone. One good thing is I have not had any complaints getting new activations.

[allcott]

This doesn't sound like a Flight 1 problem, it sounds more like a net connectivity issue.

How about starting IE, minimising it and THEN starting the verification procedure? If that works then it's a port issue on the user computer, nothing to do with the Flight 1 installer, wrapper or license generator at all.

Have you actually given permission to the Flight 1 installer to open a connection?

[TeaSea]

Joe,

Assuming you are not running any other firewall than Win 7, and that you completely shut down the firewall, then you have eliminated the firewall as a problem.

I would suggest you re-download the software and proceed from there. I suspect Flight1 is using some executable in the original download that is no longer active for one reason or another. They seem to have given it a lot of attention on their customer service pages, so it would appear this is a fairly routine occurance.

Let us know what happens.

-chris

[TeaSea]

Joe,

After musing a bit, I think your problem is actually related to your certificates. No doubt you purchased your hardware using the HTTPS protocol, SSL (Single Socket Layer-- that would be port 443 and 636 for you guys worried about firewalls).

This relies upon PKI technology which does two things:

1) Verifies who you are (this is your problem).

2) Encrypts any traffic passed during a transaction.

I believe when you purchased your software and completed the transaction through a download, you were assigned a public and a private key. These are held by your browser software as a certificate. A copy of the public key goes to a third party who also typically assigns the keys (like GoDaddy.com) and your private key goes only to your HDD (hence the term private). PKI authentication cannot take place without the sender's (you in this case) private key.

I suspect in re-formating your drive, you've eliminated your private key (certificate). Flight 1 is looking to match that key against your public key (held by the Certificate Authority third party), not seeing it, and denying you access to any further resources. If this is the case, it will need to be re-established. Fortunately, you should be able to do that fairly easily by re-downloading. Flight 1 has very specific instructions on how to do that if you have trouble.

During the intial part of the transaction, you will be assigned a new pair of keys as part of the download. Again, the CA will hold your public key, the private key will dump on your HDD through the browser.

I could be wrong about this....but the more I think about it, the more it makes sense. If this proves to be accurate, let me know.


-chris

[Dangerousdave26]

Joe and I worked on this for an hour and a half today. It is a stumper.

The issue is the Flight1 wrapper connecting to the server. Something is blocking it and I will be a monkey's uncle if I know what it is.

Its not the firewall. We disabled it

It not Adaware we turned it off.

Its not MS security essentials we shut it down.

We can go to the Flight1 web page with out a problem. He is logged in at flight1 when we look at his account.

There are no networking issues he has his PC plugged directly into his cable modem so he is directly on the internet. I confirmed that statement by ipconfig.

He has been working with Flight1 there has been a tick open for a week. They have been unable to crack the code either.

Running the program as administrator did not help either.

At this point the only other thing I can think of is it is some other program that is using the port that the flight1 wrapper wants to confirm the connection back to the their server. And of course I could not find anything.

I am putting the problem on the top of my list of big mysteries.

:isadizzy:

[gigabyte]

Joe,

After musing a bit, I think your problem is actually related to your certificates. No doubt you purchased your hardware using the HTTPS protocol, SSL (Single Socket Layer-- that would be port 443 and 636 for you guys worried about firewalls).

This relies upon PKI technology which does two things:

1) Verifies who you are (this is your problem).

2) Encrypts any traffic passed during a transaction.

I believe when you purchased your software and completed the transaction through a download, you were assigned a public and a private key. These are held by your browser software as a certificate. A copy of the public key goes to a third party who also typically assigns the keys (like GoDaddy.com) and your private key goes only to your HDD (hence the term private). PKI authentication cannot take place without the sender's (you in this case) private key.

I suspect in re-formating your drive, you've eliminated your private key (certificate). Flight 1 is looking to match that key against your public key (held by the Certificate Authority third party), not seeing it, and denying you access to any further resources. If this is the case, it will need to be re-established. Fortunately, you should be able to do that fairly easily by re-downloading. Flight 1 has very specific instructions on how to do that if you have trouble.

During the intial part of the transaction, you will be assigned a new pair of keys as part of the download. Again, the CA will hold your public key, the private key will dump on your HDD through the browser.

I could be wrong about this....but the more I think about it, the more it makes sense. If this proves to be accurate, let me know.


-chris

I have run into this very issue several times with some of my external customers at work, and I agree with Chris this does seem like a very likely cause of the problem you are having. One suggestion I would make is, once you get this resolved and have a new key issued, make sure you export the private Keys from your browser cache (in iExplorer the export function is in the Tools/Options menu). What I do is export any private keys I want to keep and burn them to a mini CDR, and label it for backup.

[TeaSea]

Well,

after some more thought (I do ponder these things), I think I may be off track. It occurs to me that your private key is not on your drive, just the certificate.

I'm not an expert at it though. Someone out there may know better.

[Dangerousdave26]

I disagree with your theory that the issue is certificate related and here is why.

I have two computers which have no association to Flight1. Both computers can connect to their server usging the "test connection" function, that comes up when you first start the Flight1 program.

If it were a cert issue that connection would fail. Of course that would not even make sense Flight1 needs to allow access to persons who don't have certs so they can create a new account.

I ran a wire shark scan on my laptop this morning to see just what IP and what ports Flight1 is using for the connection. As expected they are using www.flight1.com as their connection location. The ports they are using may actually be the reasons why so many people have problems. I see three ports being used. Port 80, 443, and 49185.

Joe has comcast and they list port 445 as a port they are blocking to protect customers. It is very possible they are blocking 443 or 49185 also. They don't say they are blocking port 80 but I could have sworn years ago they were.

The way to test that is to download the port checker tool from http://portforward.com and test those ports.

http://portforward.com/help/portcheck.htm

The fire wall may need to be disabled to check the ports. I would not keep it down long since you are sitting on the internet directly.

Port 49185 is a Dynamic port and will not always be the connection port to flight1 but testing port 49185 should be a good indiction if comcast is blocking those ports. I would hope of think not.

[n4gix]

Well, I've been with Comcast for the past many years and I've not once had any problem with Flight1's system...

[TeaSea]

Joe and I worked on this for an hour and a half today. It is a stumper.


We can go to the Flight1 web page with out a problem. He is logged in at flight1 when we look at his account.

Well, that info alone blows my theory out of the water.....

[Meshman]

Someone posted about this tool today and I've downloaded it, but that's all. But it might be useful if it can show where the bottleneck is in Joe's computer?

http://www.microsoft.com/downloads/e...6-3088333d062f

[Dangerousdave26]

Someone posted about this tool today and I've downloaded it, but that's all. But it might be useful if it can show where the bottleneck is in Joe's computer?

http://www.microsoft.com/downloads/e...6-3088333d062f

Interesting I will keep that one in mind.

I already loaded Wireshark on his PC and the information I could see was inconclusive.

Today he is calling comcast to talk to them and if he doesn't have an amazing amount of success we will be going to Plan B+.

We need to nail down just where the issue is. Is it his PC or His ISP?

The only way I know to test that is Laptop and Road Trip!

Last night we confirmed that the issue is not the firewall or any of the security software (expected). We shut down all the running services last night to the point that I kicked my self off by shutting down a component of the remote assistance connection.

Once I can isolate that it is still his PC we can contact Flight1 and request further assistance. At that point we need to know are there any known conflicts with other software and what protocols/ports are being used to connect to there server.

[Meshman]

The only way I know to test that is Laptop and Road Trip!

Uh oh! Hope that doesn't mean I-4! The other Florida freeways/turnpikes were always OK for me and my big truck, but I-4 just gave me the willies. Dunno why, maybe Orlando?


Once things get figured out if you could share the knowledge, it would be appreciated. My main system is getting torn apart and (likely) a RMA on the mobo. Once I get it back I'll bite the bullet and switch to Win7 64 from XP 64. Just wanting things to go smoothly...

[TeaSea]

Nah!

Not to get to Joe's place. You run down Highway 17 or 27. He's near Placid Lakes and he's one of the local Bass experts!

[JoeW]

Well ...... Dave was here about 3 hours, working away.........
He didn't win the battle but he won the war. By that I mean that he/we didn't find what the problem was but it got fixed. It's something in my user setup that stopping it. He made another user and it works fine.
I can't thank Dave enough for doing this. He really put his all into it.
Thanks Dave Again.

[JoeW]

Recap on this ............ I recieved a PM from Dave this morning and made the changes below.
The connection now works in the Profile that I was using. One or more of these are the cure.
We/He won the battle and the war.


Open IE8

Go to Tool/Internet Options

Go to the Advanced Tab

At the bottom of the list is a section called Security

Make sure these are checked

Check for Publisher's Certificate revocation
Check for server certificate revocation
Check for signatures on download programs
Enable DOM Storage
Enable Integrated Windows Authentication
Enable memory protection to help mitigate online attacks
Enable native XMLHTTP support
Enable SmartScreen Filter
Use SSL 3.0
Use TLS 1.0
Warn about certificate address mismatch
Warn if POST submittal is redirected to a zone that does not permit posts

My guess is we will find that Use TLS 1.0 is not checked but that is just a guess.


About half of the above were not checked. Including the TLS 1.0.

[hey_moe]

Joe, I found the best way to install any of their programs is to first reactivate the key/ then go to their site and down load the program like you were buying it/ when you click the red plane then select reinstall. You already know what to do from there.

[Dangerousdave26]

For future reference to those who may need it.

TeaSea almost had the answer but the issue was not a bad certificate but an inability to use TLS certificates. The attached screen shot is of a Wire Shark capture of a successful connection test to the Flight1 server.

Attachment 25875

The first few connections are a hand shake between the software and the Flight1 server.

In item 4 we see that the protocol has changed from TCP to TLSv1. TLS is a Transfer Layer Security it is an extension of SSL encryption. There are a series of exchanges until a success message is sent.

On Joe's PC step number 4 never happens. His PC creates another message to the server that contains [FIN] which ends the session and generates a failure.

Following the normal test procedure and disabling anything that moves did not fix the issue. We then moved on to an item by item comparison of his computer and my laptop related to the settings in IE and Firefox. Some of the settings were different and those we changed to how they were set in my laptop. Naturally none of that worked.

Then as we were discussing things Joe mentioned creating a new log on ID. Which is a great idea to isolate if the issue is in his settings.

So we created a new user and with that new user we launched the InstantScenery2.exe and it passed the connection test.

That was an extreme good news because we finally had the problem nailed down it is an inability to in his profile to use TLS encryption.

We extracted Instant Scenery 2 and then installed it from his original profile, fired up FSX and tested with complete success.

At this point the game plan since we know what the problem is and just don't know where the options are housed was to create a post here describing the problem and wait for one of our other members here who knows the answer to respond. Great Idea right?

Well yes but on the drive home I remembered one other place to look for settings that I am not sure how I missed when we were checking settings for IE8.

I sent this PM to Joe later that evening after I got home.

Some settings we did not look at

Here are some settings that we did not look at.

Open IE8

Go to Tool/Internet Options

Go to the Advanced Tab

At the bottom of the list is a section called Security

Make sure these are checked

Check for Publisher's Certificate revocation
Check for server certificate revocation
Check for signatures on download programs
Enable DOM Storage
Enable Integrated Windows Authentication
Enable memory protection to help mitigate online attacks
Enable native XMLHTTP support
Enable SmartScreen Filter
Use SSL 3.0
Use TLS 1.0
Warn about certificate address mismatch
Warn if POST submittal is redirected to a zone that does not permit posts

My guess is we will find that Use TLS 1.0 is not checked but that is just a guess.

Dave

These last settings of course are where the problem was hiding the whole time.

This is the kind of problem that will eat at someone until they absolutely hate Flight1 but it is not their fault or problem. It would be good for customers support to have an understanding of what their program is doing so they could educate the customer on how to fix it. This is one of those easy fixes that is impossibly hare to find.

Dave