[jitsi-users] SSL certificate for SSLTCP ICE on video bridge


#1

It looks like Jitsi video bridge supports inbound SSLTCP on TCP port 443
for ICE, how to configure the SSL certificate and private key for it?

Thanks,

/Kaiduan


#2

The "ssltcp" option doesn't actually do SSL. It uses a hard-coded handshake, and the purpose is not encryption, but to trick firewalls. See e.g.
https://groups.google.com/forum/#!topic/discuss-webrtc/YDPjHjSVkPM

Boris

···

On 31/01/2017 12:37, Kaiduan Xie wrote:

It looks like Jitsi video bridge supports inbound SSLTCP on TCP port 443
for ICE, how to configure the SSL certificate and private key for it?


#3

Thanks Boris, this will not work in restrictive enterprise firewall where
the firewall inspects the full SSL handshake.

So for the webrtc client that locates behind the above restrictive
enterprise firewall, the client needs to use TURNS to work with jitsi video
bridge. It looks like meet.jit.si does not provide TURNS support.

/Kaiduan

···

On Tue, Jan 31, 2017 at 1:47 PM, Boris Grozev <boris@jitsi.org> wrote:

On 31/01/2017 12:37, Kaiduan Xie wrote:

It looks like Jitsi video bridge supports inbound SSLTCP on TCP port 443
for ICE, how to configure the SSL certificate and private key for it?

The "ssltcp" option doesn't actually do SSL. It uses a hard-coded
handshake, and the purpose is not encryption, but to trick firewalls. See
e.g.
https://groups.google.com/forum/#!topic/discuss-webrtc/YDPjHjSVkPM

Boris

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users