Closed Tanmay49 closed 4 months ago
We were able to figure out the problem with our implementation.

--> Firstly, the allocation problem was that we were making a TCP connection from the web client (here: Chrome browser), but the web client was generating UDP ICE candidates. So we had to change the TCP listener to a UDP listener on the TURN server.

--> Secondly, there is an issue with the way CA certs work. The current WebRTC library does not use the provided support for a custom CA cert in the cert pool, hence it was giving us a BadCertificate error on the TURN server and "signed by unknown authority" on the device (here: Raspberry Pi). We added the certificate to the OS and then it was working, as the DTLS connection does not support using the certificate programmatically.

@Sean-Der can we make a PR for this? We were thinking of adding it to the settings engine and then to the agent so it will be accessible in the gatherCandidateRelay method.
Your environment.
—> Certificates
—> Auth:
—> Business Logic:
The devices generate the offer, which is transferred to the client (here: Web Browser, Chrome). The client accepts and generates an answer, which is transferred to the device. For this SDP transfer we are using MQTT.
Device (here: Raspberry Pi with a camera)
Client (Web Browser: Chrome)
TURN Server
What did we try?
https://github.com/pion/dtls/blob/master/examples/listen/selfsign/main.go
This creates a successful connection and there is a successful handshake. The problem here is that we cannot create a WebRTC peer connection on top of this.
This creates a successful DTLS connection with the server. This also fails and throws a Bad Certificates error when wrong certificates are provided, which is the expected behaviour.
What should we expect?