Ubuntu
flashplugin-nonfree package

Flash falls back to rtmp when using rtmps with Intermediate CA

Bug #1064353 reported by cwd24
20
This bug affects 4 people
Affects Status Importance Assigned to Milestone
flashplugin-nonfree (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

This is an upstream issue with Flash on Linux. Reporting this to Adobe directly on September 24 (Bug 3335863 on https://bugbase.adobe.com/) has resulted in no response or acknowledgement.

This has now been confirmed in both 11.2.202.238 and 11.2.202.243 on Ubuntu.

The full bug is as follows:

rtmps fails on Linux if using a certificate signed with an Intermediate CA, falling back to rtmp if default ports haven't been changed.

Steps to Reproduce:
rtmps with proxyType="best" using stunnel with Intermediate Server CA (tested with: StartCom Class 1 Primary Intermediate Server CA)
http://helpx.adobe.com/adobe-connect/kb/secure-connect-pro-meeting-stunnel.html

Actual Result:
NetConnection.Connect.Failed
- fails with Unknown CA, despite Intermediate CA being in the Server Hello (confirmed with wireshark).

Expected Result:
NetConnection.Connect.Success

Any Workarounds:
1. Add Intermediate certificate to the browser's certificate pool.
2. Use a different Operating System. rtmps (rtmp over tls) works on Windows, I haven't tried other Linux distributions.
3. Use Google Chrome on Linux (Pepper-based Flash Player - version 11.4.31.110)

Jamie Strandboge (jdstrand)
security vulnerability: yes → no
visibility: private → public
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in flashplugin-nonfree (Ubuntu):
status: New → Confirmed
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.