Professional Web Applications Themes

rtmps with self-signed certificate - Macromedia Flash Flashcom

Hello, I have a simple Webcam movie, publishing a live-video to an FMS 2.0.2 r51 dev. edition running on Debian 3.1r2 and then playing it back in another video-window. It works fine with rtmp and rtmpt, but with rtmps I get the "NetConnection.Connect.Failed" error. I've prepared a simple test case and gathered all infos here: [url]http://pref.dyndns.org:8080/live/live.html[/url] The certificate has been created by me this way: openssl req -x509 -days 365 -newkey rsa:1024 \ -out self-signed-certificate.pem -keyout pub-sec-key.pem And put into defaultRoot_/Adaptor.xml: <HostPort name="edge1" ctl_channel=":19350">:1935,80,-443</HostPort> .....skipped.... <SSLCertificateFile>/home/afarber/certs/self-signed-certificate.pem</SSLCertific ateFile> <SSLCertificateKeyFile type="PEM">/home/afarber/certs/pub-sec-key.pem</SSLCertificateKeyFile> <SSLPassPhrase>secret</SSLPassPhrase> <SSLCipherSuite>ALL:!ADH:!LOW:!EXP:!MD5:STRENGT H</SSLCipherSuite> I'm sure the server is running as I ...

  1. #1

    Default rtmps with self-signed certificate

    Hello,

    I have a simple Webcam movie, publishing a live-video
    to an FMS 2.0.2 r51 dev. edition running on Debian 3.1r2
    and then playing it back in another video-window.

    It works fine with rtmp and rtmpt, but with rtmps I get
    the "NetConnection.Connect.Failed" error.

    I've prepared a simple test case and gathered all
    infos here: [url]http://pref.dyndns.org:8080/live/live.html[/url]

    The certificate has been created by me this way:
    openssl req -x509 -days 365 -newkey rsa:1024 \
    -out self-signed-certificate.pem -keyout pub-sec-key.pem

    And put into defaultRoot_/Adaptor.xml:
    <HostPort name="edge1" ctl_channel=":19350">:1935,80,-443</HostPort>
    .....skipped....

    <SSLCertificateFile>/home/afarber/certs/self-signed-certificate.pem</SSLCertific
    ateFile>
    <SSLCertificateKeyFile
    type="PEM">/home/afarber/certs/pub-sec-key.pem</SSLCertificateKeyFile>
    <SSLPassPhrase>secret</SSLPassPhrase>
    <SSLCipherSuite>ALL:!ADH:!LOW:!EXP:!MD5:STRENGT H</SSLCipherSuite>

    I'm sure the server is running as I see in the /var/log/messages:
    localhost Adaptor[2675]: Listener started ( _defaultRoot__edge1 ) : 443
    (secure)

    I've also tried putting
    import mx.remoting.Service;
    import mx.services.Log;
    import mx.remoting.debug.NetDebug;
    NetDebug.initialize();

    at the top of my AS-code, but the NetConnection Debugger
    window displays no inforamtion at all, for some reason:
    [url]http://pref.dyndns.org:8080/live/netdebug-empty.gif[/url]

    Regards
    Alex

    afarber Guest

  2. #2

    Default Re: rtmps with self-signed certificate

    I've found the solution -

    There is a bug in the current Flash player:
    if a dialog window pop-ups for any reason
    (like unknown CA or not matching hostname)
    then the cert will be rejected even if you
    click on "Yes".

    So you generate a self-signed cert like this:

    openssl genrsa -des3 -out ca.key 4096
    openssl req -new -x509 -days 365 -key ca.key -out ca.crt

    openssl genrsa -des3 -out server.key 4096
    openssl req -new -key server.key -out server.csr

    openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key
    -set_serial 01 -out server.crt

    (increase the 01 above for each new cert).

    and then import the ca.crt from above into your
    browsers (i.e. double-click it on Windows for IE
    and also open it from Mozilla Firefox and click OK).

    Regards
    Alex


    afarber Guest

  3. #3

    Default Re: rtmps with self-signed certificate

    I just verified this with Flash Player 7 and 9.
    The mentioned bug is fixed in Flash Player 9.
    gratiscam.nl Guest

Similar Threads

  1. RTMPS how-to
    By jfgxcom in forum Macromedia Flash Flashcom
    Replies: 1
    Last Post: October 3rd, 01:27 AM
  2. rtmps with self-signed cert fails, while rtmp and rtmpt work ok
    By A. Farber in forum Macromedia Flash Flashcom
    Replies: 0
    Last Post: August 6th, 09:13 PM
  3. Replies: 1
    Last Post: July 21st, 03:54 PM
  4. Self-signed SSL certificate
    By Kuba in forum Macromedia Flash
    Replies: 0
    Last Post: December 1st, 11:50 AM
  5. Certificate Server and Windows XP - Cannot install certificate
    By Justin Tyme in forum Windows Setup, Administration & Security
    Replies: 0
    Last Post: July 15th, 04:57 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139