You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
For context, we use str0m as an SFU. Due to our unique setup, a single browser client may be connected to multiple SFUs at the same time. Our SFUs generate one DTLS certificate each on startup and then re-use it for all of that SFU's rooms.
Firefox clients fail to connect to the second SFU in this setup, with an error of:
This seems like a resurfacing of versatica/mediasoup#127, which we have a workaround for here. The problem is that both SFUs generate their certificate with the same starting serial number of 1, since they are different processes. This brings us to the same situation again - same serial + issuer, but different certificate.
The problem seemed to be fixed when I replaced this atomic increment with a randomly-generated 128-bit number. Would that be an okay solution?
The text was updated successfully, but these errors were encountered:
For context, we use str0m as an SFU. Due to our unique setup, a single browser client may be connected to multiple SFUs at the same time. Our SFUs generate one DTLS certificate each on startup and then re-use it for all of that SFU's rooms.
Firefox clients fail to connect to the second SFU in this setup, with an error of:
This seems like a resurfacing of versatica/mediasoup#127, which we have a workaround for here. The problem is that both SFUs generate their certificate with the same starting serial number of
1
, since they are different processes. This brings us to the same situation again - same serial + issuer, but different certificate.The problem seemed to be fixed when I replaced this atomic increment with a randomly-generated 128-bit number. Would that be an okay solution?
The text was updated successfully, but these errors were encountered: