Shared secret format

[Andrej Rapoport]

Hi!

I am confused by the API documentation. What is the exact format of the shared secret to be used?

Docs (https://docs.bigbluebutton.org/dev/api.html#configuration) say:

When you first install BigBlueButton on a server, the packaging scripts create a random 32 character sharedSecret

After fresh install the shared secret was 43 characters long.

Docs also say:

The following command will create a new 32 character shared secret for your server

$ sudo bbb-conf --setsecret \$(openssl rand -base64 32 | sed 's/=//g' | sed 's/+//g' | sed 's/\///g')

However this command creates strings of random length and in most cases longer than 32 characters. It's not clear what length shared secret should have. Should it be encoded with base64 afterwards?

I am using shared secret of exactly 32 characters and on some calls (rather long create calls) I get checksumError (on bbb 2.2b18). The same logic worked without any problems on 1.1.

I would appreciate any help.

Best wishes,

Andrej

[Richard Alam]

The shared secret is any string with any length you want. Treat it like a secure password.

Richard

--
You received this message because you are subscribed to the Google Groups "BigBlueButton-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bigbluebutton-...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/bigbluebutton-dev/a554b603-3458-4227-a8ab-34a6001b90d0%40googlegroups.com.