ROS entitlement error, FiveM broken OSCP

To receive support, please fill out the following template, and remove this top text.

GTA V version?
Latest steam build

Up to date?
Yes

Legit or Pirate copy?
Obviously legit

Steam/CD/Social Club?
Steam and Social club, I dont know how people get it working without social club.

Windows version?
8.1

Did you try to delete caches.xml and try again?
Yes

Error screenshot (if any)

[Album] Imgur

System specifications
32 gig ram
8600k
samsung 850 pro ssd
intel nic

What did you do to get this issue?
I launched fivem

What server did you get this issue on?
not applicable, I cannot even launch fivem

CitizenFX.log file
[ 0] Initialized system mapping!
[ 63] CitizenFX Steam child starting - command line: “C:\Users\Chris\AppData\Local\FiveM\FiveM.exe”
[ 813] Initialized system mapping!
[ 907] CitizenFX Steam child starting - command line: “C:\Users\Chris\AppData\Local\FiveM\FiveM.exe”
[ 1141] Initialized system mapping!
[ 1235] CitizenFX Steam child starting - command line: “C:\Users\Chris\AppData\Local\FiveM\FiveM.app\cache\subprocess\FiveM_SteamChild.exe” -steamparent:14692
[ 1235] Initializing Steam parent.
[ 1250] Initializing Steam parent: Steam’s running.
[ 1297] Initializing Steam parent: Initializing presence.
[ 1422] Initializing Steam parent: Attempting to run processes.
[ 1453] Initialized system mapping!
[ 1469] Loaded d3d11.dll!
[ 1469] hello from “C:\Users\Chris\AppData\Local\FiveM\FiveM.exe”
[ 1500] Got ros:legit process - pid 15108
[ 1516] CitizenFX Steam child starting - command line: “C:\Users\Chris\AppData\Local\FiveM\FiveM.app\cache\subprocess\FiveM_SteamChild.exe” -steamchild:14860
[ 1516] game parent PID: 14860
[ 1516] waiting for process to exit…
[ 1532] Initialized system mapping!
[ 1625] hello from “C:\Users\Chris\AppData\Local\FiveM\FiveM.app\cache\subprocess\FiveM_ROSLauncher” ros:legit --parent_pid=14692 “D:\SteamLibrary\Grand Theft Auto V\GTAVLauncher.exe”
[ 12078] EndpointMapper::HandleRequest: POST /ros/login
[ 12516] EndpointMapper::HandleRequest: POST /ros/validate
[ 12735] GlobalError: Error generating ROS entitlement token: 10 (schannel: next InitializeSecurityContext failed: Unknown error (0x80092013) - The revocation function was unable to check revocation because the revocation server was offline.)
[ 12844] Process crash captured. Crash dialog content:
[ 12844] FiveM has encountered an error
[ 12844] Error generating ROS entitlement token: 10 (schannel: next InitializeSecurityContext failed: Unknown error (0x80092013) - The revocation function was unable to check revocation because the revocation server was offline.)
[ 12844]
[ 12844] If you require immediate support, please visit FiveM.net and mention the details in this window.
[ 12844] process exited with -2!

.dmp files/report IDs
id in the screenshot, no dump file as it isnt a crash

If an issue with starting:
GTA V folder screenshot
GTA V/update/x64/dlcpacks screenshot

Not posting either I think at this point it is getting stupid, it feels like this template is designed to try and blame issues on local installation. Plus I know what the problem is and it “is not” the GTA5 installation…

Filepath to FiveM folder
Default so users appdata folder, visible in screenshot

FiveM client folder screenshot

[Album] Imgur

Did you try to disable/uninstall your Anti-virus?
yes

So the issue is on every launch I am been asked to authenticate social club, very aggressive online DRM, interestingly after FiveM fails to launch it then forced my next launch single player to need to authenticate as well so FiveM is deleting the social club cache files for the GTA5 install. I can obviously launch single player absolutely fine.

The issue is the same as what I posted last year with no acknowledgement from FiveM developers, that is the FiveM client is requiring OSCP authentication on certificates, and that the server for whatever reason is not accessible. This problem also occurs when using a VPN.

There is over 10 reports on this from various people, not a single dev acknowledgement. The solution is to disable the enforcement of OCSP which in reality is probably a very minor risk added in terms of SSL trust. All the major browsers no longer enforce OCSP as the security community as a whole has decided OCSP in its current state is not reliable enough. Implementing OCSP stapling could be a possible workaround as well, this solution involves caching of the OCSP result server side so if the OCSP server goes down then clients can still connect.

Also do developers read these posts or am I wasting my time?

Regards

Hello, this is a friendly reminder because this is your first time creating a topic (or it has been a while since your last topic) in this category.

Please note that most of the support is provided by the FiveM community on a voluntary basis. We ask you to be patient; there is no guarantee we have a solution to your problem(s). To avoid unnecessary/duplicate topics, please browse the forums before creating a topic.

To improve your chances of your issue(s) being solved, please provide as much information as possible about the issue(s) you are having. Also —whenever possible— please use the template given to you when creating a topic.

Thanks for keeping these forums tidy!

First off, coming in here and blaming everything on the developers will only get people to not help you from what I’ve seen.

But here I am.

Go ahead and delete your C:\Users\YOURNAME\AppData\Local\DigitalEntitlements folder and try again.

Only a select few receive this type of error which only goes to show this likely isn’t a “FiveM issue”

I’m sure someone closely connected to the project could comment better… But this doesn’t happen to EVERYONE. Just you. And a few others.

Now let’s try to fix it. Please follow what I said above.

I cannot explain why its only happening to a few people, but what I do know is disabling the OCSP check will fix it.

I can confirm deleting the folder has had no affect and it is still failing to connect to server(s) because of failed OCSP authentication.

If you want a screenshot please let me know and I will post it, but its the same error as before.

The OCSP server is online just fine, you not being able to connect to it is an entirely different concern, and presumably will lead to other issues as well (since you arbitrarily fail to perform TCP/HTTP requests to arbitrary endpoints).

Also, I’m not sure if libcurl even provides an option at all to disable OCSP checks.

it should do as OCSP is not checked by default, someone will have had to specifically enable it.

If you have the ip address of the OCSP server I can try a network diagnostics to it from here.

Nope, no code has explicitly enabled it. We’re using the native OS schannel backend however, not any of the embedded-bring-your-own-root-certificate-list ones.

OK, the latest canary build uses OpenSSL for cURL instead of plain schannel.

However, it doesn’t launch due to a tiny oversight elsewhere - in ~10 minutes from the writing of this post a new build should be out that ought to actually launch.

Please verify this actually does work correctly for cases experiencing this issue by updating to it by adding to CitizenFX.ini:

[Game]
;IVPath= (stuff that's already there)
UpdateChannel=canary

Ok I am back in business, kind off.

I added the line to the ini file/

I launched fivem, it updated and the UI is running.

However I dont get anything in the window, just the background, as I was typing this it then proceeded to crash.

Could not contact entitlement service status code 408, so progress
I will do screenshot of error and attach log, ok no log but attached dump.

[Album] Imgur

b50182c8-0797-4366-b6f1-13caa91112d0.dmp (715.0 KB)

Glad to see you got the acknowledgment you were looking for. Good luck to you.

I appreciate the acknowledgement, I just relaunched the app now, and this time the content is loaded, so that 408 error may be a one off.

I had same 0x80092013 problem, here is mine solution For those who have 0x80092013 error

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.