TURNS ICE candidates not generated when using Let's Encrypt certificate

jrx-jsj · April 11, 2019, 6:27am

If I use a TURN server (coturn) with only a turns: scheme URL, and this TURN server use a valid Let’s Encrypt certificate, relay candidates are never generated. This is happening for both iOS and Android. If I use a GoDaddy certificate, candidates are generated.

Relay candidates with Let’s Encrypt certificate are properly generated in web browsers and also in Android WebView.

I tried to take a look into WebRTC source code and they are using here and there tls_cert_verifier, but I didn’t find where it is generated (if any). In some other places it is just set to null.

This was already happening in other similar projects like cordova-plugin-iosrtc

Thanks in advance.

dav · January 21, 2020, 9:44pm

I have the same kind of problem with turns and let’s encrypt certificate. Any news ?

matthew-taf · May 18, 2022, 6:44pm

I think this problem still exists, did anyone figure out why it’s happening?

matthew-taf · May 20, 2022, 12:36am

It appears to be related to this issue. Switching from Let’s Encrypt to ZeroSSL worked as a workaround.

matthew-taf · May 20, 2022, 12:32pm

Actually this was weirder: Version of react-native-webrtc > 1.100.0 include the Mozilla CA bundle. However, RSA-4096 certificates seems to break TURNS on iOS. Downgrading to a RSA-2048 certificate from Let’s Encrypt worked with react-native-webrtc 1.100.0.

Topic		Replies	Views
event.target.iceConnectionState never connected Help	8	1247	January 24, 2020
iceConnectionState goes from checking to failed Android	8	1608	September 26, 2023
React-native-webrtc (ios): Relay candidates from turn servers can be retrieved only in Debug mode Help	0	599	June 26, 2020
Everything works except Turn servers Help	2	554	November 16, 2020
Can't Answer in RN Webrtc app when Freeswitch calls	11	1464	December 11, 2019

TURNS ICE candidates not generated when using Let's Encrypt certificate

Related topics