Playbin: SSL certificate checking
Maksim Liauchuk
maksim_liauchuk at fastmail.fm
Tue Mar 22 20:38:35 UTC 2022
After your questions, I gave it a deeper look. And finally discovered that actual source is souphttpsrc, it was just hidden under one more basic abstraction layer. The rest was easy, I managed to pass 'ssl-strict' property to it per your initial suggestion - and voila, it works as desired now!
I have not enough words to express how thankful I am for such a terrific support.
Thank you Nirbheek!
All the best,
--
Maksim Liauchuk
On Tue, Mar 22, 2022, at 07:18, Nirbheek Chauhan wrote:
> On Tue, Mar 22, 2022 at 3:31 AM Maksim Liauchuk
> <maksim_liauchuk at fastmail.fm> wrote:
>> I'm not 100% sure about OpenSSL, in fact I deal with Java bindings, which seem use gio-2.0 (see https://github.com/gstreamer-java/gst1-java-core/blob/master/src/org/freedesktop/gstreamer/lowlevel/GioAPI.java#L29).
>
> If you are loading an HTTP URI, you are using an element that
> implements support for HTTP URIs. You can check which ones you have
> available with:
>
> $ gst-inspect-1.0 -u | grep http
> souphttpsrc (read, rank 256): http, https, icy, icyx
>
> Or just look at the output of `gst-inspect-1.0 -u` directly.
>
>> Forgot to add, that I manually added that self-signed CA cert to Java cacerts. And can confirm it works because *after that* I'm able to fetch pages via HTTPS from the app. Thus I would assume native library is used for stream work.
>> May I ask for an advice where to look further please?
>>
>> Probably not a surprise to yourself, but souphttpsrc isn't used in my setup.
>>
>> ELEMENT SETUP: URIDecodeBin: [uridecodebin0]
>> SOURCE SETUP: BaseSrc: [source]
>
> Okay, this is not telling us what source element it's actually
> plugging here. What URI are you trying to play when this happens? Can
> you share the code of source-setup handler that you're using to print
> this?
>
> Cheers,
> Nirbheek
More information about the gstreamer-devel
mailing list