Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mumble doesn't consider a TLS cert to match if the hostname is resolved via SRV #6712

Closed
ldesgoui opened this issue Jan 21, 2025 · 1 comment
Closed

Mumble doesn't consider a TLS cert to match if the hostname is resolved via SRV #6712

ldesgoui opened this issue Jan 21, 2025 · 1 comment
Labels
bug A bug (error) in the software triage This issue is waiting to be triaged by one of the project members

Comments

@ldesgoui
Copy link

Description

I have an SRV record for my hostname, I'm trying to serve a TLS cert for that hostname, Mumble is refusing to consider it valid.
I couldn't try with a cert for _mumble._tcp.<the hostname> as LetsEncrypt forbids it, since it wouldn't be a valid FQDN.

Steps to reproduce

  1. Set up a SRV record (i.e. _mumble._tcp.example.com)
  2. Acquire a TLS certificate for the hostname (i.e. example.com)
  3. Run murmur
  4. Connect to the server via the hostname (i.e. example.com)

Mumble version

1.5.0

Mumble component

Client

OS

Linux

Reproducible?

Yes

Additional information

No response

Relevant log output



Screenshots


Image

      		
    

      
  





        



            

              
            

        

      


      
    








      

    



      

  
            

    

      
    

    


      

          @ldesgoui
ldesgoui




            added
      

  bug

  A bug (error) in the software

      

  triage

  This issue is waiting to be triaged by one of the project members

  labels


      Jan 21, 2025

    

  








      

  
      



  

  @ldesgoui





  


    

      

  

    

        
    
    

  


      
          
  
      
            Copy link

  

      
    

  


  

      



      

  Author


  


  

    

  





      


        


  
    

      
          
I just realized I should have tried adding the SRV target to the TLS cert, that's very logical in hindsight, and that fixed the problem

      		
    

  





        


            

            

              
            

        

      


      

            
  

    
  
    
    

  

  



    












      

  
            

    











  
  

    

      

  





  




  
  

              

  
    Sign up for free
    to join this conversation on GitHub.
    Already have an account?
    Sign in to comment


  



  






  
                  




    

  


      
  

    Assignees
  



        

    No one assigned







      


  


  

    Labels
  



    

      

    bug

  A bug (error) in the software
  

    triage

  This issue is waiting to be triaged by one of the project members








      

  

    

        

    Projects
  


        




    None yet




  



      


  

    
  

    Milestone
  


      No milestone





    
      
          
  

    

      

        
          

            
    

    Development
  




              
    
No branches or pull requests







        
      

    

  


      

    

  
      

  

    

      1 participant
    

    

        
          @ldesgoui