souphttpsrc SSL/TLS handling and default CA location
dorin
dorin.clisu.ntt at gmail.com
Fri Jun 19 09:19:26 UTC 2020
I just hit the unlikely and unfortunate case where a source server relies on
a certificate authority that is not trusted by linux distros (Starfield G2 -
although it's trusted by all browsers). I need to fetch data from a https
url from that server, and it returns Unacceptable TLS certificate (6).
The problem now is that I think souphttpsrc is buggy and I can't find a
workaround. Things I've tried:
- souphttpsrc ssl-strict=0 (no difference)
- downloaded the Starfield G2 CA file and installed it to the default CA
bundle
- $ curl https://server works fine, this confirms the CA is trusted now
- using curlhttpsrc in gstreamer pipeline works fine
- using souphttpsrc still throws TLS error (6)
- souphttpsrc ssl-ca-file=/tmp/sfig2.crt.pem (no difference)
- souphttpsrc ssl-ca-file=/tmp/sfig2.crt (no difference)
- souphttpsrc ssl-use-system-ca-file=1 (no difference)
How can I get souphttpsrc to read from the server?
--
Sent from: http://gstreamer-devel.966125.n4.nabble.com/
More information about the gstreamer-devel
mailing list