[Live-devel] RTSPS and PKI

BENMOUSSA Yahia - Contractor yahia.benmoussa at external.thalesgroup.com
Wed Jul 9 06:30:08 PDT 2025


Classified as: {OPEN}

OK, I understand you don't want to modify the RTSPCLient constructor. However, is it possible to add a verify_callback in ClientTLSState::setup() and let openSSL check the certificate validity using the OS certificate  store?  There will be no impact on the interfaces. 

Then, certificate check can be activated using a conditional compilation macro depending on user's preference. 

Regarding the previously highlighted problem, I think it is not related to the last changes. 

Actually, the problem occurs also in case of a failed TLS connection between (openRTSP + certificate validity check)  and a not modified testOndemandRTSPServer.

Regards.
Yahia





{OPEN}

-----Message d'origine-----
De : live-devel <live-devel-bounces at us.live555.com> De la part de Ross Finlayson
Envoyé : mercredi 9 juillet 2025 04:43
À : LIVE555 Streaming Media - development & use <live-devel at us.live555.com>
Objet : Re: [Live-devel] RTSPS and PKI

I’m not sure I understand this.  If the ‘problem’ occurs only in your modified version of the code, then if is of no interest to me.  (In particular, I will *not* be adding a ‘certificate file name’ parameter to the “RTSPClient” constructor; RTSP clients should not have to deal directly with certificates; they need only a “rtsps:” URL.)

If you can identify a problem with the unmodified code, then let us know.


Ross Finlayson
Live Networks, Inc.
http://secure-web.cisco.com/1xNzzQFTunhQXM6ru5qZg1RV8RVHfiH4CgA4u1mg__aEEdvcUL5kkcS_qjwBNjnoOozwjt5kSTwsbZPV_mEZHpdB87g2OPW1QKVmpQtghY8wk1fSAZz6qYLR-v8ieobHwGoUBaAk0-HBuZ7smCWfqH9vJ7aWh4CsYGCIZpmOTnuWH0SbxAKkUBt3KIpCfZFlI3Q6Zg9Z8cjoLHaajHZpaf4PXGI8dOYwg8r8XLwmtRl3OojIvuu_d6S7QMYGH7km8fA5yOtRUqTl92YT-ZuXZh5FMTw2h8V_6Uw-bLriBpsd0FQ6FzvKEysnGkb_C2M792QruxeNRMoVASPE6KV1pTQ3QFMw3meVwov5ETSLReB8/http%3A%2F%2Fwww.live555.com%2F


_______________________________________________
live-devel mailing list
live-devel at lists.live555.com
http://secure-web.cisco.com/18Ys_AILJEed4R9FPEYxMHLoQSPmyh5fKLax4n3B1q8n0aESuvwUWdcesv8e8YIZAdo8OrqTMfZ26qYJ07witKvfYdmGATIFHhos-Tk2-74ZXsVy2ArLaejjLnWtwb_5jB8MjE_kB_hy9TY-OhyZzbKg0OgSZ7BzcvnIlp_FXyymai962YldhB4-qzKY2vShDkk23PSQJ3p0SnFTRXz_iUc102dpheI2y8rS6Cza7unGjmhlJJGwoKNRhGsxgFg4BeUVPe6D_M-EimbfI_vn2KiWc5oFpJCaWnZyoc891gR3PSWhPQKtoiqLjvYR9wHJBTQtYhSiLbMwDKnJZHw6W6-rdvSoKvS2Xxkv9Ni6w3do/http%3A%2F%2Flists.live555.com%2Fmailman%2Flistinfo%2Flive-devel



More information about the live-devel mailing list