Open ErikCumps opened 5 months ago
refer to #909
I don't mind on which issue this gets fixed, as long as it gets fixed. :blush:
Browsers are more and more reluctant to connect with plain http sites (like it or not) and there is really, really no point at all in using a TLS certificate for a webserver that is not matching the identity of that server.
So please fix the invalid TLS certificate on https://ciscobinary.openh264.org/, so that web browsers can load that link without security warnings.
Seeing as #909 is closed without fixing the certificate issue, I understand this issue will not get fixed there.
So please fix it here.
Browsers are more and more reluctant to connect with plain http sites (like it or not) and there is really, really no point at all in using a TLS certificate for a webserver that is not matching the identity of that server.
So please fix the invalid TLS certificate on https://ciscobinary.openh264.org/, so that web browsers can load that link without security warnings.
Many firewalls started to block http urls so when installer tries to download the binary using http then the firewall blocks it and it is bad approach to ask users to disable firewall for the installer.. So you can not even do fingerprint checking as you have suggested since you can not even download the file.. Please fix the certificate issue. Thanks
Duplicate of https://github.com/cisco/openh264/issues/3662; solution is simple
Cisco has chosen not to fix it but close issue instead.
Indeed, this is one of many possible solutions.
To be frank, I fail to understand why this issue has not yet been fixed.
Indeed, this is one of many possible solutions.
To be frank, I fail to understand why this issue has not yet been fixed.
There aren't that many possible solutions. As is obvious from response it comes from Akamai. The only workable solution with it is to externally create and then upload certificate so Akamai can terminate TLS and CDN cache as normal.
The ciscobinary.openh264.org web server is using an invalid certificate. (see screenshot)
This causes the automatic dowload (or update) of the plugin to fail for firefox.
As a workaround, a certificate exception can be added to firefox, but this may not always be possible.