Bug 1660839 - [RHEL8] Bluejeans is missing video
Summary: [RHEL8] Bluejeans is missing video
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: crypto-policies
Version: 8.0
Hardware: Unspecified
OS: Unspecified
low
low
Target Milestone: rc
: 8.0
Assignee: Tomas Mraz
QA Contact: BaseOS QE Security Team
Mirek Jahoda
URL:
Whiteboard:
Depends On:
Blocks: 1678350
TreeView+ depends on / blocked
 
Reported: 2018-12-19 10:35 UTC by Martin Stransky
Modified: 2019-05-03 12:28 UTC (History)
15 users (show)

Fixed In Version:
Doc Type: Deprecated Functionality
Doc Text:
.TLS 1.0 and TLS 1.1 are deprecated The TLS 1.0 and TLS 1.1 protocols are disabled in the `DEFAULT` system-wide cryptographic policy level. If your scenario, for example, a video conferencing application in the Firefox web browser, requires using the deprecated protocols, switch the system-wide cryptographic policy to the `LEGACY` level: ---- # update-crypto-policies --set LEGACY ---- For more information, see the link:https://access.redhat.com/articles/3642912[Strong crypto defaults in RHEL 8 and deprecation of weak crypto algorithms] Knowledgebase article on the Red Hat Customer Portal and the `update-crypto-policies(8)` man page.
Clone Of:
Environment:
Last Closed: 2019-05-03 10:14:25 UTC
Type: Bug


Attachments (Terms of Use)

Description Martin Stransky 2018-12-19 10:35:05 UTC
Description of problem:

RHEL8 has a trouble with Bluejeans.
Once someone connects to a bluejeans session beyond himself he just gets an
endless spinners saying 'waiting on video'.

Comment 2 Martin Stransky 2018-12-21 08:30:05 UTC
After some investigation it looks like the WebRTC on RHEL8 does not receive any data so there's no content to show - but not sure why that happens.

Comment 5 Jan Horak 2019-01-04 10:13:14 UTC
It seems that webrtc connection needs TLS 1.1 which is disabled by default in RHEL8. The workaround for this is:
sudo update-crypto-policies --set LEGACY
Switching to nss component as long as we can't do much about in from the Firefox point of view.

Debugging info:
the call of ssl3_NegotiateVersion fails with SSL_ERROR_UNSUPPORTED_VERSION
can be debugged with:
$ export MOZ_LOG="mtransport:5"
$ firefox

Comment 6 Tomas Mraz 2019-01-04 14:41:55 UTC
I would say this is by-design and there is a workaround. BlueJeans should not require TLS-1.1.


Note You need to log in before you can comment on or make changes to this bug.