1660839 – [RHEL8] Bluejeans is missing video

Bug 1660839 - [RHEL8] Bluejeans is missing video

Summary: [RHEL8] Bluejeans is missing video

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Red Hat Enterprise Linux 8
Classification:	Red Hat
Component:	crypto-policies
Sub Component:
Version:	8.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	low
Severity:	low
Target Milestone:	rc
Target Release:	8.0
Assignee:	Tomas Mraz
QA Contact:	BaseOS QE Security Team
Docs Contact:	Mirek Jahoda
URL:
Whiteboard:
Depends On:
Blocks:	1678350
TreeView+	depends on / blocked

Reported:	2018-12-19 10:35 UTC by Martin Stransky
Modified:	2019-05-03 12:28 UTC (History)
CC List:	15 users (show)
Fixed In Version:
Doc Type:	Deprecated Functionality
Doc Text:	.TLS 1.0 and TLS 1.1 are deprecated The TLS 1.0 and TLS 1.1 protocols are disabled in the `DEFAULT` system-wide cryptographic policy level. If your scenario, for example, a video conferencing application in the Firefox web browser, requires using the deprecated protocols, switch the system-wide cryptographic policy to the `LEGACY` level: ---- # update-crypto-policies --set LEGACY ---- For more information, see the link:https://access.redhat.com/articles/3642912[Strong crypto defaults in RHEL 8 and deprecation of weak crypto algorithms] Knowledgebase article on the Red Hat Customer Portal and the `update-crypto-policies(8)` man page.
Clone Of:
Environment:
Last Closed:	2019-05-03 10:14:25 UTC
Type:	Bug
Target Upstream Version:
Dependent Products:

Attachments	(Terms of Use)

Description Martin Stransky 2018-12-19 10:35:05 UTC

Description of problem:

RHEL8 has a trouble with Bluejeans.
Once someone connects to a bluejeans session beyond himself he just gets an
endless spinners saying 'waiting on video'.

Comment 2 Martin Stransky 2018-12-21 08:30:05 UTC

After some investigation it looks like the WebRTC on RHEL8 does not receive any data so there's no content to show - but not sure why that happens.

Comment 5 Jan Horak 2019-01-04 10:13:14 UTC

It seems that webrtc connection needs TLS 1.1 which is disabled by default in RHEL8. The workaround for this is:
sudo update-crypto-policies --set LEGACY
Switching to nss component as long as we can't do much about in from the Firefox point of view.

Debugging info:
the call of ssl3_NegotiateVersion fails with SSL_ERROR_UNSUPPORTED_VERSION
can be debugged with:
$ export MOZ_LOG="mtransport:5"
$ firefox

Comment 6 Tomas Mraz 2019-01-04 14:41:55 UTC

I would say this is by-design and there is a workaround. BlueJeans should not require TLS-1.1.

Note You need to log in before you can comment on or make changes to this bug.