Closed valpackett closed 4 months ago
ECDSA should be supported as of c63b918bb26391ee8cf4b8db94ef55fbb6b39e2d (not yet released). Please try a nightly build and see if that works for you.
I'm not sure which platform you are using, but you can find Windows, Mac, Steam Link, and AppImage builds here: https://ci.appveyor.com/project/cgutman/moonlight-qt/branch/master
Closing as fixed in v6.0.0
Is your feature request related to a problem? Please describe.
See https://github.com/LizardByte/Sunshine/issues/1353
Sunshine currently uses the same TLS certificate for both the web UI and communication with Moonlight. It is desirable to not have self-signed certs on the web UI, and @tailscale users are always tempted to run any local service with legit certs because it's really easy to get a Let's Encrypt one with
tailscale cert
. Since LE switched to Elliptic Curve by default, those are the type you get with that command, and currently there's no option to request a particular type (https://github.com/tailscale/tailscale/issues/9768).When moonlight-qt connects to a server with such a certificate, pairing fails with a rather nondescript error in the UI, with "MITM detected" logged on the console.
Describe the solution you'd like
Implement support for ECDSA certificates.
Probably at first also show a warning when one is used, to inform the user that other clients may not support these.
Describe alternatives you've considered
:woman_shrugging: