Hello, I run a server and I'm having a nightmare getting the verifying signature to work correctly.

Here is my settings.


// some ArmA specific stuff - signature verification
// Enables signature verification for addons
// This will prevent pbo hacks by only allowing pbo's that pass server's public key checks
verifySignatures=2;

regularcheck="{}"; // Signature timeout fix

//list of files to check for identity
checkfiles[]={"HWTL\dta\data3d.pbo","dta\data3d.pbo"};

// some ArmA specific stuff - signature verification
onUnsignedData = "kick (_this select 0)"; // unsigned data detected
//onHackedData = "ban (_this select 0)"; // tampering of the signature detected
onDifferentData=""; // data with a valid signature, but different version than the one present on server detected

// If set to 1, player has to use exactly the same -mod= startup parameter as the server.
equalModRequired=0;

// Anti-cheat
battlEye = 1;

I upload publickeys such as VOPsounds from that OFPEC website and it is still kicking me from my server. I'm just sick of all the hackers that can come on when you don't have any verifying script method. Is there anyway for me to also make new ones for other addons I have, I tried that DSutils v2 release (signatures) and can't get it to sign my addons just says ERROR after I try to sign them.

unrelated but set to:
checkfiles[]={};

you need to resign all addons that lack v2 signatures yourself with your own new key(s)
(and use the latest beta patch as player to avoid issues with the BI DLC)

unrelated but set to:
checkfiles[]={};

you need to resign all addons that lack v2 signatures yourself with your own new key(s)
(and use the latest beta patch as player to avoid issues with the BI DLC)

Thanks for reply!

Can anyone else give a more in-depth description? A little how2?

You are running V2 signature checking. Many addons have not yet made their keys V2 series. V2 series keys are backwards compatible with V1 checking, however V1 keys will NOT work with V2 series signature checking.

So recommend using addons with V2 series keys or just set

verifySignatures=1;

If you absolutely want V2 signature checking then I am probably not the best person to speak to on the subject matter. Been awhile since I signed any files.


Also I recommend at least having.... if you have it ban it tends to ban those who really dont seem to have hacked the addons. :p I see you commented it out but I suggest having it on. Also not sure if you comment it out if it defaults to a standard setting which would probably be banning.



onHackedData = "kick (_this select 0)"; // tampering of the signature detected

Just to add / clarify some of the above...

If you enable v2 signature checking and the player (client) connects with BAF/PMC DLC installed then the current release version of the client will not properly verify the v2 signature on some of the BAF/PMC files. The latest beta patch (82901) has the fix (82899). It's a client-side fix, so only the clients need to run the beta. The server can still be at the release version.

Just to add / clarify some of the above...

If you enable v2 signature checking and the player (client) connects with BAF/PMC DLC installed then the current release version of the client will not properly verify the v2 signature on some of the BAF/PMC files. The latest beta patch (82901) has the fix (82899). It's a client-side fix, so only the clients need to run the beta. The server can still be at the release version.

His other problem is he may be using other 3rd party addons which were not yet signed for V2. Good point on the BAF/PMC though Focher.