BiagioFesta / wtransport

Async-friendly WebTransport implementation in Rust
Apache License 2.0

Firefox support #166

Open cBournhonesque opened 2 months ago

cBournhonesque commented 2 months ago

Hi, I was wondering if there were any caveats/special handling that is needed for Firefox support.

I've had an issue where WebTransport connections get rejected on Firefox. It doesn't seem to be certificate-related, since the exact same code/certificate works on Google Chrome.

@MOZGIII suggested that it might be on the server side. I quote:

This is actually most likely the issue with the server-side - Firefox requires some special response from the server, I don't recall exactly - but please report this to wtransport

Maybe you have more information?

MOZGIII commented 2 months ago

Context on why I think so: https://github.com/BiagioFesta/wtransport/blob/4b25852afdb1a5f2beeb0a8a03eef7db0e7168ac/wtransport/src/endpoint.rs#L668-L670

Maybe latest FF needs something else...

BiagioFesta commented 2 months ago

I was able to connect with Firefox 123.0.2 (Linux) to wtransport/full.rs.

Of course, as already mentioned in the parent issue, Firefox does not support serverCertificateHashes yet. That means you will need a trusted certificate to make it work.


I understand OP says Google Chrome works with the same certificate, did they set the correct anchors on FF?

Would it be possible to have wtransport server logs? For example, I'd expect something like

INFO Connection{id=0}: full::webtransport: Result: Err(connection aborted by peer: the cryptographic handshake failed: error 42)

MOZGIII commented 2 months ago

Yes, on second thought, this is most likely due to the lack of trust in the server certificate by FF. It works when set up properly without the serverCertificateHashes.

MOZGIII commented 2 months ago

Actually, Firefox should support serverCertificateHashes - as they have had patches for it in 125a. For me it still doesn't work though...

See the meta bug at their tracker: https://bugzilla.mozilla.org/show_bug.cgi?id=1709355

Here's the (second) fix for the serverCertificateHashes: https://bugzilla.mozilla.org/show_bug.cgi?id=1873263

Apparently they still didn't get it right

easrng commented 2 weeks ago

I'm getting the "WebTransport connection rejected" intermittently, retrying fixes it but it's annoying :/