https://answers.ea.com/t5/Bug-Reports/How-to-fix-Error-Code-EC-10000-or-EC-10500-in-EA-app/m-p/13774047/highlight/true#M53006
If you cannot open this page, you will not be able to log in as it contains a critical javascript library used during the login process:
https://eaassets-a.akamaihd.net/resource_signin_ea_com/551.0.20240521.214.dd7d72ad413c/p/statics/juno/js/sha.v_1716257766-min.js
I just chatted with EA Support and submitted details.
This is the problem.
This is what happens when eaassets-a.akamaihd.net points at 84.208.4.186 (default when Telia is your ISP), curl is just a command to retrieve a resource over HTTP
curl https://eaassets-a.akamaihd.net/resource_signin_ea_com/551.0.20240521.214.dd7d72ad413c/p/statics/juno/js/sha.v_1716257766-min.js -v
* Host eaassets-a.akamaihd.net:443 was resolved.
* IPv6: (none)
* IPv4: 84.208.4.186, 84.208.13.8
* Trying 84.208.4.186:443...
* Connected to eaassets-a.akamaihd.net (84.208.4.186) port 443
* ALPN: curl offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: none
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 / x25519 / id-ecPublicKey
* ALPN: server accepted http/1.1
* Server certificate:
* subject: C=US; ST=Massachusetts; L=Cambridge; O=Akamai Technologies, Inc.; CN=a248.e.akamai.net
* start date: Apr 18 00:00:00 2024 GMT
* expire date: Apr 19 23:59:59 2025 GMT
* subjectAltName: host "eaassets-a.akamaihd.net" matched cert's "*.akamaihd.net"
* issuer: C=US; O=DigiCert Inc; CN=DigiCert TLS RSA SHA256 2020 CA1
* SSL certificate verify ok.
* Certificate level 0: Public key type EC/prime256v1 (256/128 Bits/secBits), signed using sha256WithRSAEncryption
* Certificate level 1: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
* Certificate level 2: Public key type RSA (2048/112 Bits/secBits), signed using sha1WithRSAEncryption
* using HTTP/1.x
> GET /resource_signin_ea_com/551.0.20240521.214.dd7d72ad413c/p/statics/juno/js/sha.v_1716257766-min.js HTTP/1.1
> Host: eaassets-a.akamaihd.net
> User-Agent: curl/8.6.0
> Accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
< HTTP/1.1 301 Moved Permanently
< Server: AkamaiGHost
< Content-Length: 0
< Location: https://eaassets-a.akamaihd.net/resource_signin_ea_com/551.0.20240521.214.dd7d72ad413c/p/statics/juno/js/sha.v_1716257766-min.js
< Cache-Control: max-age=31473291
< Date: Wed, 05 Jun 2024 12:13:07 GMT
< Connection: keep-alive
< Access-Control-Allow-Methods: GET, OPTIONS
< Access-Control-Allow-Origin: https://signin.ea.com
<
* Connection #0 to host eaassets-a.akamaihd.net left intact
The reply from the server is 301 - moved permanently and the destination it tries to redirect to is the one already requested.
And this is what happens when you make it point at 184.24.77.133 (manually through your system's hosts-file):
curl https://eaassets-a.akamaihd.net/resource_signin_ea_com/551.0.20240521.214.dd7d72ad413c/p/statics/juno/js/sha.v_1716257766-min.js -v
* Trying 184.24.77.133:443...
* Connected to eaassets-a.akamaihd.net (184.24.77.133) port 443 (#0)
* ALPN: offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* CAfile: C:/Program Files/Git/mingw64/etc/ssl/certs/ca-bundle.crt
* CApath: none
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted http/1.1
* Server certificate:
* subject: C=US; ST=Massachusetts; L=Cambridge; O=Akamai Technologies, Inc.; CN=a248.e.akamai.net
* start date: Apr 18 00:00:00 2024 GMT
* expire date: Apr 19 23:59:59 2025 GMT
* subjectAltName: host "eaassets-a.akamaihd.net" matched cert's "*.akamaihd.net"
* issuer: C=US; O=DigiCert Inc; CN=DigiCert TLS RSA SHA256 2020 CA1
* SSL certificate verify ok.
* using HTTP/1.1
> GET /resource_signin_ea_com/551.0.20240521.214.dd7d72ad413c/p/statics/juno/js/sha.v_1716257766-min.js HTTP/1.1
> Host: eaassets-a.akamaihd.net
> User-Agent: curl/7.88.1
> Accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
< HTTP/1.1 200 OK
< Content-Type: application/javascript
< Server: istio-envoy
< Last-Modified: Tue, 21 May 2024 11:57:11 GMT
< ETag: "31c3-618f5849e053a"
< x-envoy-upstream-service-time: 0
< x-envoy-hostname: ip-10-141-0-26.ec2.internal
< Cache-Control: public, max-age=1209600
< Date: Wed, 05 Jun 2024 12:45:57 GMT
< Content-Length: 12739
< Connection: keep-alive
< Access-Control-Allow-Methods: GET, OPTIONS
< Access-Control-Allow-Origin: https://signin.ea.com
<
(function(){var w=8,G="",C=0,x=function(K,J){this.highOrder=K;this.lowOrder=J},E[SNIPPING OUT ACTUAL CONTENT ELSE THE POST WILL BE TOO LONG]
Connection #0 to host eaassets-a.akamaihd.net left intact
The reply is the actual content.
EA has to fix this.
Edit:
Bonus, if you change the URL slightly, such as adding some parameter that isn't used like this:
https://eaassets-a.akamaihd.net/resource_signin_ea_com/551.0.20240521.214.dd7d72ad413c/p/statics/juno/js/sha.v_1716257766-min.js?v=a
It suddenly works again.