[Live-devel] RTSPS and PKI
BENMOUSSA Yahia - Contractor
yahia.benmoussa at external.thalesgroup.com
Wed Jul 9 06:30:08 PDT 2025
Classified as: {OPEN}
OK, I understand you don't want to modify the RTSPCLient constructor. However, is it possible to add a verify_callback in ClientTLSState::setup() and let openSSL check the certificate validity using the OS certificate store? There will be no impact on the interfaces.
Then, certificate check can be activated using a conditional compilation macro depending on user's preference.
Regarding the previously highlighted problem, I think it is not related to the last changes.
Actually, the problem occurs also in case of a failed TLS connection between (openRTSP + certificate validity check) and a not modified testOndemandRTSPServer.
Regards.
Yahia
{OPEN}
-----Message d'origine-----
De : live-devel <live-devel-bounces at us.live555.com> De la part de Ross Finlayson
Envoyé : mercredi 9 juillet 2025 04:43
À : LIVE555 Streaming Media - development & use <live-devel at us.live555.com>
Objet : Re: [Live-devel] RTSPS and PKI
I’m not sure I understand this. If the ‘problem’ occurs only in your modified version of the code, then if is of no interest to me. (In particular, I will *not* be adding a ‘certificate file name’ parameter to the “RTSPClient” constructor; RTSP clients should not have to deal directly with certificates; they need only a “rtsps:” URL.)
If you can identify a problem with the unmodified code, then let us know.
Ross Finlayson
Live Networks, Inc.
http://secure-web.cisco.com/1xNzzQFTunhQXM6ru5qZg1RV8RVHfiH4CgA4u1mg__aEEdvcUL5kkcS_qjwBNjnoOozwjt5kSTwsbZPV_mEZHpdB87g2OPW1QKVmpQtghY8wk1fSAZz6qYLR-v8ieobHwGoUBaAk0-HBuZ7smCWfqH9vJ7aWh4CsYGCIZpmOTnuWH0SbxAKkUBt3KIpCfZFlI3Q6Zg9Z8cjoLHaajHZpaf4PXGI8dOYwg8r8XLwmtRl3OojIvuu_d6S7QMYGH7km8fA5yOtRUqTl92YT-ZuXZh5FMTw2h8V_6Uw-bLriBpsd0FQ6FzvKEysnGkb_C2M792QruxeNRMoVASPE6KV1pTQ3QFMw3meVwov5ETSLReB8/http%3A%2F%2Fwww.live555.com%2F
_______________________________________________
live-devel mailing list
live-devel at lists.live555.com
http://secure-web.cisco.com/18Ys_AILJEed4R9FPEYxMHLoQSPmyh5fKLax4n3B1q8n0aESuvwUWdcesv8e8YIZAdo8OrqTMfZ26qYJ07witKvfYdmGATIFHhos-Tk2-74ZXsVy2ArLaejjLnWtwb_5jB8MjE_kB_hy9TY-OhyZzbKg0OgSZ7BzcvnIlp_FXyymai962YldhB4-qzKY2vShDkk23PSQJ3p0SnFTRXz_iUc102dpheI2y8rS6Cza7unGjmhlJJGwoKNRhGsxgFg4BeUVPe6D_M-EimbfI_vn2KiWc5oFpJCaWnZyoc891gR3PSWhPQKtoiqLjvYR9wHJBTQtYhSiLbMwDKnJZHw6W6-rdvSoKvS2Xxkv9Ni6w3do/http%3A%2F%2Flists.live555.com%2Fmailman%2Flistinfo%2Flive-devel
More information about the live-devel
mailing list