Flash falls back to rtmp when using rtmps with Intermediate CA

Bug #1064353 reported by cwd24 on 2012-10-09
20
This bug affects 4 people
Affects Status Importance Assigned to Milestone
flashplugin-nonfree (Ubuntu)
Undecided
Unassigned

Bug Description

This is an upstream issue with Flash on Linux. Reporting this to Adobe directly on September 24 (Bug 3335863 on https://bugbase.adobe.com/) has resulted in no response or acknowledgement.

This has now been confirmed in both 11.2.202.238 and 11.2.202.243 on Ubuntu.

The full bug is as follows:

rtmps fails on Linux if using a certificate signed with an Intermediate CA, falling back to rtmp if default ports haven't been changed.

Steps to Reproduce:
rtmps with proxyType="best" using stunnel with Intermediate Server CA (tested with: StartCom Class 1 Primary Intermediate Server CA)
http://helpx.adobe.com/adobe-connect/kb/secure-connect-pro-meeting-stunnel.html

Actual Result:
NetConnection.Connect.Failed
- fails with Unknown CA, despite Intermediate CA being in the Server Hello (confirmed with wireshark).

Expected Result:
NetConnection.Connect.Success

Any Workarounds:
1. Add Intermediate certificate to the browser's certificate pool.
2. Use a different Operating System. rtmps (rtmp over tls) works on Windows, I haven't tried other Linux distributions.
3. Use Google Chrome on Linux (Pepper-based Flash Player - version 11.4.31.110)

security vulnerability: yes → no
visibility: private → public
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in flashplugin-nonfree (Ubuntu):
status: New → Confirmed
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers