[jitsi-users] TLS Configuration in Jitsi?


#1

I am using libjingle on Android against Jitsi. The peer connection seems to be set up fine, until I see " DTLS timeout expired".

From the log I can see that streams are ready and candidates are exchanged:

07-29 10:19:05.582 17169-24741/live.attach.testcontainer I/ACodec: setupVideoEncoder succeeded
07-29 10:19:05.591 17169-24565/live.attach.testcontainer I/libjingle: (port.cc:1319): Jingle:Conn[0xaece5c00:audio:Ksb+EJY1:1:0:local:udp:192.168.0.x:46570->aSyLWfvv:1:2113932031:local:udp:192.168.0.x:10000|CRWS|9079268943356378622|2282]: Received STUN ping response, id=2f436d4d55477142554d7857, code=0, rtt=131, use_candidate=0, pings_since_last_response=
07-29 10:19:05.591 17169-24565/live.attach.testcontainer I/libjingle: (opensslstreamadapter.cc:756): BeginSSL: with peer
07-29 10:19:05.592 17169-24565/live.attach.testcontainer I/libjingle: (dtlstransportchannel.cc:586): Jingle:Channel[audio|1|__]: DtlsTransportChannelWrapper: Started DTLS handshake

and short after:

07-29 10:19:05.641 17169-24565/live.attach.testcontainer I/libjingle: (opensslstreamadapter.cc:906): DTLS timeout expired

With Wireshark I can see a ClientHello, but no response from Jitsi.

Contrary, when using P2P without Jitsi, I see these lines, instead:

07-29 08:27:39.583 11573-26220/live.attach.testcontainer I/libjingle: (opensslidentity.cc:43): Making key pair
07-29 08:27:39.586 11573-26220/live.attach.testcontainer I/libjingle: (opensslidentity.cc:84): Returning key pair
07-29 08:27:39.586 11573-26220/live.attach.testcontainer I/libjingle: (opensslidentity.cc:91): Making certificate for WebRTC
07-29 08:27:39.591 11573-26220/live.attach.testcontainer I/libjingle: (opensslidentity.cc:139): Returning certificate

And then this:

07-29 08:27:42.983 11573-26220/live.attach.testcontainer I/libjingle: (opensslstreamadapter.cc:1088): Accepted peer certificate.
07-29 08:27:42.995 11573-26220/live.attach.testcontainer I/libjingle: (dtlstransportchannel.cc:544): Jingle:Channel[audio|1|__]: DTLS handshake complete.
07-29 08:27:42.995 11573-26220/live.attach.testcontainer I/libjingle: (transportcontroller.cc:554): audio TransportChannel 1 writability changed to 1.
07-29 08:27:42.995 11573-26220/live.attach.testcontainer I/libjingle: (channel.cc:928): Channel writable (audio) for the first time
07-29 08:27:42.995 11573-26220/live.attach.testcontainer I/libjingle: (channel.cc:936): Using Cand[:2367656776:1:udp:2122260223:192.168.0.x:50951:local::0:nsAv:Fzo72A/8S6NFVbOfhDiL6ETY:3:10:0]->Cand[:1983707563:1:udp:1853824767:192.168.0.x:60327:prflx::0:BcFl:iAfPAeLrAreAHPwmH0PgXxti:3:10:0]
07-29 08:27:42.995 11573-26220/live.attach.testcontainer I/libjingle: (channel.cc:995): Installing keys from DTLS-SRTP on audio RTP
07-29 08:27:43.072 11573-26220/live.attach.testcontainer I/libjingle: (srtpfilter.cc:150): SRTP activated with negotiated parameters: send cipher_suite 1 recv cipher_suite 1
07-29 08:27:43.072 11573-26220/live.attach.testcontainer I/libjingle: (channel.cc:928): Channel writable (video) for the first time
07-29 08:27:43.072 11573-26220/live.attach.testcontainer I/libjingle: (channel.cc:936): Using Cand[:2367656776:1:udp:2122260223:192.168.0.x:50951:local::0:nsAv:Fzo72A/8S6NFVbOfhDiL6ETY:3:10:0]->Cand[:1983707563:1:udp:1853824767:192.168.0.x:60327:prflx::0:BcFl:iAfPAeLrAreAHPwmH0PgXxti:3:10:0]
07-29 08:27:43.072 11573-26220/live.attach.testcontainer I/libjingle: (channel.cc:995): Installing keys from DTLS-SRTP on video RTP
07-29 08:27:43.072 11573-26220/live.attach.testcontainer I/libjingle: (srtpfilter.cc:150): SRTP activated with negotiated parameters: send cipher_suite 1 recv cipher_suite 1

Looks like Jitsi doesn't want to talk to libjingle.

Is there documentation about configuring TLS in Jitsi? Is this configurable and/or will I need to configure this?

Oliver.