Certificat TLS inacceptable with GStreamer X86 on Windows
941 views
Skip to first unread message
Castillejos Nicolas
May 19, 2016, 4:33:11 AM5/19/16
to gstreamer-java
Hi,
I'm trying to make a video player on Java Swing that connects to a rtsps stream (rtsp over https).
When gstreamer tries to connect to the rtsps uri I get this error :
0:00:01.886802324 1516 1D03B838 ERROR default gstrtspconnection.c:937:gst_rtsp_connection_connect: failed to connect: Certificat TLS inacceptable
I know that I have to put somewhere a ca-certificates.crt file that contains my certificate but I don't know where ?
I've tried in the ssl/certs/ca-certificates.crt in the launch path of my java program but it doesn't work.
Maybe there is something to do in the code ?
Do you have any idea ?
Thanks
Nicolas Castillejos
I'm trying to make a video player on Java Swing that connects to a rtsps stream (rtsp over https).
When gstreamer tries to connect to the rtsps uri I get this error :
0:00:01.886802324 1516 1D03B838 ERROR default gstrtspconnection.c:937:gst_rtsp_connection_connect: failed to connect: Certificat TLS inacceptable
I know that I have to put somewhere a ca-certificates.crt file that contains my certificate but I don't know where ?
I've tried in the ssl/certs/ca-certificates.crt in the launch path of my java program but it doesn't work.
Maybe there is something to do in the code ?
Do you have any idea ?
Thanks
Nicolas Castillejos
Neil C Smith
May 19, 2016, 5:48:52 AM5/19/16
to gstream...@googlegroups.com
Hi,
On 19 May 2016 at 09:33, Castillejos Nicolas <djos...@gmail.com> wrote:
> I know that I have to put somewhere a ca-certificates.crt file that contains
> my certificate but I don't know where ?
>
> I've tried in the ssl/certs/ca-certificates.crt in the launch path of my
> java program but it doesn't work.
>
> Maybe there is something to do in the code ?
>
> Do you have any idea ?
No, not really. :-) You need to check upstream and see where
GStreamer expects to find these - presumably a standard system
location. Have you tried using gst-launch on the command line to get
a functional pipeline first?
Also, if you're not using it already, get used to using the
gst-inspect tool on the command line. Running it on rtspsrc suggests
there's a tls-validation-flags property that you can set on the
element. Of course, that's not something you'd ideally want to mess
with for production code.
Best wishes,
Neil
--
Neil C Smith
Artist : Technologist : Adviser
http://neilcsmith.net
Praxis LIVE - hybrid visual IDE for creative coding - www.praxislive.org
Digital Prisoners - interactive spaces and projections -
www.digitalprisoners.co.uk
On 19 May 2016 at 09:33, Castillejos Nicolas <djos...@gmail.com> wrote:
> I know that I have to put somewhere a ca-certificates.crt file that contains
> my certificate but I don't know where ?
>
> I've tried in the ssl/certs/ca-certificates.crt in the launch path of my
> java program but it doesn't work.
>
> Maybe there is something to do in the code ?
>
> Do you have any idea ?
GStreamer expects to find these - presumably a standard system
location. Have you tried using gst-launch on the command line to get
a functional pipeline first?
Also, if you're not using it already, get used to using the
gst-inspect tool on the command line. Running it on rtspsrc suggests
there's a tls-validation-flags property that you can set on the
element. Of course, that's not something you'd ideally want to mess
with for production code.
Best wishes,
Neil
--
Neil C Smith
Artist : Technologist : Adviser
http://neilcsmith.net
Praxis LIVE - hybrid visual IDE for creative coding - www.praxislive.org
Digital Prisoners - interactive spaces and projections -
www.digitalprisoners.co.uk
Castillejos Nicolas
May 19, 2016, 8:47:31 AM5/19/16
to gstreamer-java
Hi Neil,
Thanks for your response.
I already have a working pipeline that works great when accessing the same video stream in rtsp.
It is only when I access this stream in rtsps that it doesn't work,
It is only when I access this stream in rtsps that it doesn't work,
For information I already succeed to make it work with GStreamer on android platform where you have to put the certificate here : assets/ssl/certs/ca-certificates.crt
But on Windows I can't find where.
I already have checked upstream and it seems that it is the gnutls lib that looks into linux standard path like /etc/ssl/certs or /usr/ssl/certs/
But in windows, I think that it can't works that way...
In my pipeline , I use playbin that makes all the work for me.
Is it possible to set rtspsrc tls-validation-flags flag when i'm using playbin ?
Nicolas Castillejos
But on Windows I can't find where.
I already have checked upstream and it seems that it is the gnutls lib that looks into linux standard path like /etc/ssl/certs or /usr/ssl/certs/
But in windows, I think that it can't works that way...
In my pipeline , I use playbin that makes all the work for me.
Is it possible to set rtspsrc tls-validation-flags flag when i'm using playbin ?
Nicolas Castillejos
Castillejos Nicolas
May 23, 2016, 4:27:03 AM5/23/16
to gstreamer-java
Hi Neil,
This pipeline works great using gst-launch command, but it doesn't work on java :
gst-launch-1.0.exe rtspsrc name=src latency=1000 buffer-mode=1 protocols=4 tls-validation-flags=64 location=rtsps://123.123.123.123:1111/Path src. ! queue ! rtph264depay ! avdec_h264 ! videoconvert ! capsfilter caps=video/x-raw,width=640,height=480 ! autovideosink src. ! queue ! rtpmp4gdepay ! aacparse ! faad ! autoaudiosink
In Java when I play it using the SimpleVideoComponent component I see nothing on screen..
When I play it on the internal windows of gstreamer i can only see the first picture of the video ....
the java binding seems to have a bug, but do you know a good method to find it ?
Thanks,
Nicolas Castillejos
Nicolas Castillejos
Le jeudi 19 mai 2016 11:48:52 UTC+2, neilcsmith.net a écrit :
Castillejos Nicolas
May 26, 2016, 4:32:15 AM5/26/16
to gstreamer-java
I heard on forums that gst-launch was doing more things than c++ code or java like linking automatically pads ,
I try to do it myself in my java code. Maybe I'm forgetting something....
can you read the attached file and tell me if I'm forgetting something please ?
Nicolas Castillejos
Neil C Smith
May 26, 2016, 5:47:32 AM5/26/16
to gstream...@googlegroups.com
Hi Nicolas,
On 26 May 2016 at 09:32, Castillejos Nicolas <djos...@gmail.com> wrote:
> I heard on forums that gst-launch was doing more things than c++ code or
> java like linking automatically pads ,
> I try to do it myself in my java code. Maybe I'm forgetting something....
>
> can you read the attached file and tell me if I'm forgetting something
> please ?
I've not done anything with PAD_ADDED signals myself yet, and it's
possible that there's a bug in the bindings around them.
However, my understanding is that gst_parse_bin_from_description used
in Bin.launch() will handle dynamic connections internally in the same
way as the command line launch, so some of your pad added code may be
conflicting with that.
Don't know if someone else can help out with this? Is there a
publicly accessible source we can all try against?
On 26 May 2016 at 09:32, Castillejos Nicolas <djos...@gmail.com> wrote:
> I heard on forums that gst-launch was doing more things than c++ code or
> java like linking automatically pads ,
> I try to do it myself in my java code. Maybe I'm forgetting something....
>
> can you read the attached file and tell me if I'm forgetting something
> please ?
possible that there's a bug in the bindings around them.
However, my understanding is that gst_parse_bin_from_description used
in Bin.launch() will handle dynamic connections internally in the same
way as the command line launch, so some of your pad added code may be
conflicting with that.
Don't know if someone else can help out with this? Is there a
publicly accessible source we can all try against?
Castillejos Nicolas
May 27, 2016, 10:54:38 AM5/27/16
to gstreamer-java
Hi Neil,
Thanks for your answer.,
i've made a stream accessible if you want to test, it's here :rtsps://video-swing.dyndns.org:554/EdgeApplication/W8OTJCDadJyoxckQBcNdbEQeqeq
you can start with this pipeline :
Thanks,
rtspsrc name=src latency=1000 buffer-mode=1 protocols=4 src. ! queue name=videoqueue ! rtph264depay name=rtph264depay ! avdec_h264 name=avdec_h264 ! videoconvert name=videoconvert ! capsfilter name=capsfilter caps=video/x-raw,width=640,height=480 src. ! queue name=audioqueue ! rtpmp4gdepay name=rtpmp4gdepay ! aacparse name=aacparse ! faad name=faad ! autoaudiosink
Thanks,
Nicolas
Castillejos Nicolas
May 27, 2016, 10:57:51 AM5/27/16
to gstreamer-java
I forgot this :
I set tls-validation-flags to G_TLS_CERTIFICATE_GENERIC_ERROR = (1 << 6);
I set tls-validation-flags to G_TLS_CERTIFICATE_GENERIC_ERROR = (1 << 6);
to bypass ssl certificate verification
Reply all
Reply to author
Forward
0 new messages