Wowza Community

SSL problem

Hi, I am using VLC to play HLS stream from our Wowza servers, all works great until I try to pass the key over SSL, when I try to get the key over https i get an erorr from gnutls (VLC SSL’s plugin) saying:

“The Diffie Hellman prime sent by the server is not acceptable (not long enough).”

now I have 2 options:

  1. Patch the gnutls code with whoknowswhat.

  2. Ask you guys if u know what the issue is and if there is a way to thell Wowza to send a longer prime?

thanks

Shay.

Shay,

I’m not sure it will help, but take a look at this post on recent SSL improvments

And there is a recent add to this article re setting key length:

https://www.wowza.com/docs/how-to-request-an-ssl-certificate-from-a-certificate-authority

Richard

Thank you Richard, sadly a deepper look into the VLC for Android found many problems (its an early beta after all) so we ditched this path, do you know any other HLS implementation for Android by any chance?

Shay,

Have you tried putting the HLS (Cupertino) stream URL as a standard webpage hyperlink? Many Android devices support Cupertino natively in the player now. You can also type the URL into the browser bar, or the Android video player(s).

Shay,

Have you tried putting the HLS (Cupertino) stream URL as a standard webpage hyperlink? Many Android devices support Cupertino natively in the player now. You can also type the URL into the browser bar, or the Android video player(s).

Randal, I’m running into a similar problem. I can play HLS videos over HTTPS on Android from other sources (https://developer.apple.com/resources/http-streaming/examples/basic-stream.html), but trying to play the video from Wowza gives me an error (CromiumHTTPDataSourceSupport: Request failed with status 4 and os_error -104)

The HTTPS Wowza URL plays fine in MacOS and iOS, just Android has problems.

I’m suspecting it’s the same problem as with VLC, where gnutls doesn’t like the shorter Diffie-Hellman prime, but I’m just guessing there…

If this IS the problem, is there any way to configure Wowza (currently running 3.5.0) to change the SSL handshaking parameters?

[I’ve also posted a similar request for help on the Android side.]