Jump to content
Community forum has migrated to GitHub Discussions (https://github.com/orgs/ant-media/discussions)! Learn more... ×
  • 0

SSL Problems

Moritz Bastian

Asked by Moritz Bastian,

 Share

Question

  • Answers 12
  • Created
  • Last Reply

Top Posters For This Question

Popular Days

Top Posters For This Question

Popular Days

Posted Images

12 answers to this question

Recommended Posts

  • 0
Mohit Mentor

Mohit

Posted
Posted

Hello Moritz,

I think there were some issues recently with Lets encrypt ssl certifications.
Can you please generate a new one and enable SSL according to https://github.com/ant-media/Ant-Media-Server/wiki/SSL-Setup
For self signed certificates you can refer https://github.com/ant-media/Ant-Media-Server/wiki/Frequently-Asked-Questions#how-to-use-self-signed-certificate-on-ant-media-server

--
Best Regards,
Mohit Dubey

 

Link to comment
Share on other sites
  • 0
Murat Eminoglu Contributor

Murat Eminoglu

Posted
Posted
Hi everyone, 

Let me explain this.

Let's Encrypt was using "DST ROOT CA X3" for certificates and it has been expired on 30 of September 2021. Because of this, since there are not any new CAs in the clients, certificate errors occurred, and Let's Encrypt now uses "ISGR ROOT X1" and "ISRG ROOT X2" as new Root CAs.

To solve the certificate errors, you should import the following certificates (ISGR ROOT X1, ISRG ROOT X2, ) to your computers or other devices.


You may also get a certificate error because the ones in the list below use "DST ROOT CA X3".

Windows >= XP SP3 (assuming Automatic Root Certificate Update isn’t manually disabled)
macOS >= 10.12.1
iOS >= 10 (iOS 9 does not include it)
iPhone 5 and above can upgrade to iOS 10 and can thus trust ISRG Root X1
Android >= 7.1.1 (but Android >= 2.3.6 will work by default due to our special cross-sign)
Mozilla Firefox >= 50.0
Ubuntu >= xenial / 16.04 (with updates applied)
Debian >= jessie / 8 (with updates applied)
Java 8 >= 8u141
Java 7 >= 7u151
NSS >= 3.26

I hope it's clear now.
Regards.


Link to comment
Share on other sites
  • 0
Joseph Brundige Explorer

Joseph Brundige

Posted
Posted
I am very confused as to why you think asking end users to perform a complicated task on their system is a better solution than swapping out the SSL certificate? Even brand new Macbook Pros with updated software have this issue. 

We purchased a wildcard from Setigo and it works great and now all errors are gone. This problem was a nightmare for us last week and cost us a lot of money. I wouldn't recommend anyone stay with Letsencrypt cert. Just my opinion. 

Joe





--



Joe Brundige 
uc?export=download&id=1US9-qeox95jaOftD-rB8BNXKTPvBlFYs&revid=0BxA6OT8_hRlxN21rSkNWKzU3Yk02dXdmRVZ4NS84eGJFc3g4PQ 310.889.8288
uc?export=download&id=1sFwoiXtYa5xnCqOy4PKcaQqkcLJyEU4L&revid=0BxA6OT8_hRlxMVZpWnIvUUM3V2NWSG15RUxoWnZQZ0ZrTFFrPQ 424.444.0555
uc?export=download&id=1QVWfd59UEVraRaXWzyXofwi0tmP4FTla&revid=0BxA6OT8_hRlxU01nZ1Y5T0pwR3VSMEQzaElKdHpPVVo2KzhVPQ
uc?export=download&id=1uZNfyfZ6JxaZ7ukae3CZ4DsyI-ltSJMj&revid=0BxA6OT8_hRlxSFNrcjE5TVBVb25Ib0FTTVdBUWpXckJETXA4PQ
 uc?export=download&id=1i2YbfIgW7iEILibPhJYp29LMAXHOF_Sb&revid=0BxA6OT8_hRlxRXJ4S3pyZlhGNjh4VFdVazE2TVZ6OVJmSE5rPQ

Link to comment
Share on other sites
 Share
Go to question listing
×
×
  • Create New...