How to make Pion TURN work with SSL?

[ghost]

Hello, thanks for the nice alternative.
Can Pion TURN work with SSL?

[daenney]

I would expect that can be done with https://github.com/pion/dtls. You'll have to dtls.Dial() first which returns a dtls.Conn, which implements the Go standard librarynet.PacketConn interface. B/c of this you can set the returned conn from a dtls.Dial() on turn.ClientConfig.Conn. You can do the same thing for the server side by using dtls.Listen() instead.

I'm not sure if this works, but I would expect it does.

[daenney]

On second thought, I might be wrong. dtls.Dial() gives us a net.Conn, not a net.PacketConn and dtls.Listen gives us a net.Listener.

[ghost]

Daniele thanks for the reply.
I tried PION as an alternative to COTURN. He is really very light and smart. But, forgive me, I'm not an experienced Go user.

It would be great if there were additional configuration variables in which you could insert the port, the path to the SSL key and certificate

[daenney]

@Sean-Der You're a lot more well versed in this than I am. If I look at the code, I don't think we can just wrap pion/dtls around it and have it work, so providing easy options for it would be hard to.

What do we need to do to make it happen? And does it make sense?

[Sean-Der]

This is done!

The Server now accepts a slice of PacketConnConfig or ListenerConfig. With ListenerConfig you can pass anything that implements the net.Listener interface.

so pion/turn can now use the result from tls.Listen or it can use the Listener that is provide by pion/dtls

[acondura]

Could you please show an example how we could use SSL certs with this for example https://github.com/pion/turn/tree/master/examples/turn-server/tcp?

[dhaminitinAltran]

Hi has anyone used this with SSL where or how do we need to provide the certificates for configuring?