Firefox ice trickle not working for coturn configured with ip

[Gaurav Garg]

I have created coturn on aws machine. I have configured coturn to use ssl traffic. For this i have installed ip certificate on coturn server.

I am testing coturn server using this link .

SSl works fine on chrome but i am facing issue on firefox and safari browser.

It is working fine on firefox when i am using turn:<turnserver>:<port> but if i am using turns:<turnserver>:<port> only local sdp is being generated.

I tried to debug further using wireshark but no packet was sent to turnserver when i clicked on gather candidate button. 

[Damien Fétis]

Hi, 

Are you using your turnserver IP or your turnserver DNS for your test ?

To use the turns (turn over SSL) you should use the server DNS to be sure the certificate can be validated by the browser.

Regards,

Damien

[Gaurav Garg]

I am using turn server ip for testing. I have installed correct certificate (ip certificate) on coturn server. Same setup is working fine in chrome but it's not working on firefox

--
You received this message because you are subscribed to a topic in the Google Groups "TURN Server (Open-Source project)" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/turn-server-project-rfc5766-turn-server/UUXq7t5pYNA/unsubscribe.
To unsubscribe from this group and all its topics, send an email to turn-server-project-rfc57...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/turn-server-project-rfc5766-turn-server/609d99ed-a78e-477d-80c9-d2a955a13f74n%40googlegroups.com.

[Damien Fétis]

You must use the server FQDN (the one used for your certificate) and not the server IP to use turns.

On Firefox using ip in turns will also break the ice gatering pocess so you can't see any candidate (and it breaks the test page).

On Chrome you can get your local candidate but not the relay one, so turns also don't work on Chrome using IP.

Regards,

Damien. 

[Gaurav Garg]

Hi Damien,

Actually i want to use load balancing in turn server using ALTERNATE-SERVER option (--alternate-server options). In turn server config it is asking specifically for alternate server ip in master coturn. That's why i am using an ip certificate for an alternate server. Alternate server config with FQDN does not work.

To view this discussion on the web visit https://groups.google.com/d/msgid/turn-server-project-rfc5766-turn-server/900159e1-d39a-42a6-a7c4-74d2ae0cedc4n%40googlegroups.com.