GNOME Bugzilla – Bug 511097
Support self-signed certificates in neonhttpsrc
Last modified: 2009-05-25 15:27:32 UTC
Currently GStreamer fails when accessing HTTPS servers with self-signed certificates, like those setup by Totem's Publish plugin for instance. Attached is a proof-of-concept patch for supporting self-signed certificates, but I do not know how to fine-tune the behaviour, e.g. which trust problems are acceptable.
Created attachment 103357 [details] [review] Support for self-signed certificates
I'm not a big fan of going down this route without having some sort of application /desktop mechanism and policy for verifying certificates. I may just be ignorant of what is available, though. Basically, we want to avoid just trusting any ol' self-signed certificate (duh).
Snake oil still is better than no HTTPS at all. So for now this just just made work. Learned that playbin clients can watch "notify::source", so its absolutely reasonable to set the property to FALSE by default.
I don't think it hurts to add this with a default of FALSE. commit 46b4d226ca6ed4efa7574ad7bae46af8c73fc7bd Author: Mathias Hasselmann <mathias.hasselmann at gmx.de> Date: Mon May 25 17:24:32 2009 +0200 neonhttp: add property to support SS cerificates Add a property to support self-signed certificates in neonhttpsrc. This property is FALSE by default. Fixes #511097