New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
RTSPS and self-signed certificates #1395
Comments
Hello, Yes you can do it but currently you will need modify the library a bit to do it. You need modify this class in this line: Where you need add a trustmanager like here to accept all or add your own certificate. You can use this post as guide: This feature seem necessary so I will add it to the library but for now you will need import the library manually to your project |
Thanks for your help, I'll try to modify the library like you suggested. |
I'm currently adding a method for it. If you can wait like 30min I can give you a gradle to compile the project with the new method to support it |
Thank you, I'd be happy to test it when you're ready. |
This is the gradle (you are compiling the current last commit in master branch): implementation 'com.github.pedroSG94.RootEncoder:library:f7c1abf917' You can add your certificate like this: rtmpCamera2.getStreamClient().addCertificates(arrayOf(AcceptAllCertificates())) AcceptAllCertificates is a class created for me to auto accept all certificates. Load your own certificate as explained in the previous stackoverflow post is recommended: |
Thanks! I will test it as soon as possible and let you know how it goes. |
I was able to get it to work using the gradle you gave me and the following code. I was able to connect to my MediaMTX server with a self signed cert and I got no errors. Thanks for the quick response!
|
I'm using RootEncoder in my app and can stream to MediaMTX using rtsp and rtsps using Let's Encrypt certificates. However if I try to stream using rtsps to a MediaMTX server with self signed certificates I get this error in logcat
javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found
I understand the error and why it happens. My question is, is there a way to prompt the user about the security risk and have them choose to continue anyway, kind of like web browsers do?
I also noticed some unexpected behavior when using Let's Encrypt certificates. Everything worked as expected when I connected to rtsps://my_domain.com:8322/my_stream. Then I connected using rtsps://my_local_ip:8322/my_stream and that also worked. Maybe I'm misunderstanding something but I would have expected an error that the url's hostname doesn't match the certificate's hostname. But it seems like it's just checking the certificate issuer and possibly the expiration date.
The text was updated successfully, but these errors were encountered: