JMP 1.8.1 — ffmpeg requires TLS 1.2 to not return playback error #375
Comments
|
I need the log file here: https://github.com/jellyfin/jellyfin-media-player#log-file-location |
|
@snozinho can you also post the Jellyfin Media Player log(s)? They are in I am having the exact same issue. The specific lines: Log by my reverse proxy (Traefik): I am usually using the following cipher suites due to security: default:
maxVersion: VersionTLS13
cipherSuites:
- TLS_AES_128_GCM_SHA256
- TLS_AES_256_GCM_SHA384
- TLS_CHACHA20_POLY1305_SHA256
maxtls12:
maxVersion: VersionTLS12
cipherSuites:
- ECDHE-ECDSA-AES128-GCM-SHA256
- ECDHE-RSA-AES128-GCM-SHA256
- ECDHE-ECDSA-AES256-GCM-SHA384
- ECDHE-RSA-AES256-GCM-SHA384
- ECDHE-ECDSA-CHACHA20-POLY1305
- ECDHE-RSA-CHACHA20-POLY1305Once I turn off the specific cipher suites (not sure which ones Traefik allows by default), the error does not happen and media plays as usual. |
|
|
You are indeed having the same issue. Evidently ffmpeg doesn't support the cipher suites that your reverse proxy is configured to use. |
|
Is there something we can do on our end or will a future update solve that issue? If not, does this mean we are "doomed" to keep the 1.7.1 forever? |
|
You'll have to figure out how to reconfigure your reverse proxy to allow a supported cipher suite. |
|
@iwalton3 @1p1eq11 and anyone wondering, i found out! In DSM 7.1, go to: Control Panel > Security > Advanced > TLS/SSL Profile Level Set default parameters to: Modern Compatibility Next, in Custom Settings below, set System Default to: Intermediate compatibility I don't know why but setting only the jellyfin reverse proxy to intermediate compatibility won't work right away, but I guess letting all other settings to Modern compatibility is still a safe thing to set. If any expert can provide a better answer, I'll edit my post :)
|
|
Error: Playback failed with error "loading failed". Retry with transcode? (Note this may hang the player.) Workaround: Configure your web server to allow TLS 1.2 connections. Cause: The ffmpeg library shipped with the latest MPV package does not support TLS 1.3 |
snozinho
changed the title
|
Reverting MPV to the previously used version (20211212-git-0e76372) solves the issue. @iwalton3 was there a reason behind upgrading MPV to the latest version? |
|
Yes people were asking for the upgraded version for a variety of reasons and it is usually good practice to keep up with these version changes. |
|
I think the issue was caused by upstream changing from libressl to mbedtls. shinchiro/mpv-winbuild-cmake@358b4a3 You could test this by trying a version older than the date of the referenced commit. This doesn't make much sense to me though since they are on the latest mbedtls which support TLS 1.3. Maybe talk to upstream about why TLS 1.3 doesn't seem to work? I'd prefer not to fork upsteam to fix TLS. |
|
I made an MPV build with libressl compiled in again: https://github.com/iwalton3/mpv-winbuild-cmake/releases/tag/v20230304-git-362256e Please let me know if running the latest build works to resolve this issue: https://github.com/jellyfin/jellyfin-media-player/suites/11345988376/artifacts/583190784 |
|
hi @iwalton3 ! I tried to revert to TLS 1.3 after installing the JMP version you sent me (https://github.com/jellyfin/jellyfin-media-player/suites/11345988376/artifacts/583190784) and it works perfectly now. Although, I put it back to TLS 1.2 until an update is rolled out, just for convenience's sake, but problem solved, totally 👍 |
|
Sounds good. This will be fixed in the next release then. |
Describe the bug
After updating to JMP 1.8.1 any attempt to play any media gives a playback error.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Play the media as it used to on version 1.7.1
Screenshots
https://media.discordapp.net/attachments/773650260903591946/1074982167270137886/image.png
Desktop (please complete the following information):
Additional context
log_20230214.log
The text was updated successfully, but these errors were encountered: