CDN-Transcode-Sample icon indicating copy to clipboard operation
CDN-Transcode-Sample copied to clipboard

Published 20 hours ago verified publisher icon OpenVisualCloud

Certificate verification failure when play live with vlc

Open meiyanz opened this issue 5 years ago • 5 comments

Issue Description: Certificate verification failure when play live with vlc Error log: gnutls error: Certificate verification failure: The certificate is NOT trusted. The certificate issuer is unknown. The certificate chain uses not yet valid certificate. The name in the certificate does not match the expected. main error: TLS session handshake error main error: connection error: No error access error: HTTP connection failure Reproduce Rate: 100%. The commit information: commit dfaa5e0bf2e6aa7ad238bc98a57b9f8cbd77b6bc Reproduce: $ git clone https://github.com/OpenVisualCloud/CDN-Transcode-Sample.git $ cd CDN-Transcode-Sample $ git reset --hard dfaa5e0bf2e6aa7ad238bc98a57b9f8cbd77b6bc $ sudo -E ./script/install_dependency.sh $ sudo mkdir -p /etc/systemd/system/docker.service.d $ printf "[Service]\nEnvironment="HTTPS_PROXY=$https_proxy" "NO_PROXY=$no_proxy"\n" | sudo tee /etc/systemd/system/docker.service.d/proxy.conf $ sudo systemctl daemon-reload $ sudo systemctl restart docker $ cd deployment $ make build_kubernetes $ cmake ../ -DNVODS=0 -DNLIVES=1 $ make $ cd ../ $ mkdir -p /etc/systemd/system/kubelet.service.d/ $ printf "[Service]\nEnvironment="HTTPS_PROXY=$https_proxy" "NO_PROXY=$no_proxy"\n" | sudo tee /etc/systemd/system/kubelet.service.d/proxy.conf $ ./script/Kubernetes_setup_master.sh $ kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}') | grep token: | awk '{print $2}' $make volume $make start_kubernetes open vlc and play live : https://10.67.113.104/hls/media_0_0/index.m3u8

meiyanz avatar Jun 11 '20 06:06 meiyanz

This is expected. The sample generates a self-signed certificate. It's not trusted anywhere. Please see if there is any option in vlc to disable certificate verification.

xwu2git avatar Jun 11 '20 23:06 xwu2git

I doesn't find any option to disable this certificate verification in VLC. would you mind to ask which certificate verification it needed and how it is done.

meiyanz avatar Jun 12 '20 02:06 meiyanz

How it was done before? There is no good way to make a self-signed certificate trusted on a different server. The closest I can think of is to follow this process: https://github.com/OpenVisualCloud/Dockerfiles/wiki/BKM:-Setup-Private-Docker-Registry-with-Self-Signed-Certificates

The other alternative is to expose http instead for testing purpose only.

xwu2git avatar Jun 16 '20 21:06 xwu2git

there is a popup window to ask for your certificate when play live normally; but there is no popup window when I play the live.

meiyanz avatar Jun 18 '20 06:06 meiyanz

This is strange. There is no change to how the container works. @TangZhiZhen, could you check if anything is changed?

xwu2git avatar Jun 20 '20 04:06 xwu2git