0

About a year ago, I wrote a video player for a proprietary video format that uses WebAssembly, WebGL, and WebSockets. It was working great until the most recent versions of Chrome, which disable SharedArrayBuffer support unless there are a bunch of server settings pertaining to cross-site scripting AND we use HTTPS with a valid SSL certificate. Something to do with the Spectre virus.

The problem is that we're not developing a website. This is a LAN network appliance that just happens to use a web-based front-end. It seems untenable to buy an SSL certificate for every single customer who uses one of these devices on their private LAN.

(Also, the Java code I wrote to support WebSockets on the server side doesn't support HTTPS encryption, I honestly have no idea how to do it, and it seems like it would be massive overkill to encrypt this data stream.)

What is the expected way that developers are expected to handle WASM support in this kind of scenario?

Thanks.

Timothy Miller
  • 1,527
  • 4
  • 28
  • 48
  • 1
    You can use self-signed certificates, but they need to be explicitly added to the trust list on each client. – tromgy Nov 08 '21 at 22:24
  • Thanks, @tromgy. Can we generate these dynamically on our appliance? – Timothy Miller Nov 08 '21 at 23:14
  • I'm not sure what do you mean by "dynamically", but you could use for example **openssl** to generate the self-signed certificates. You don't want to generate them too often, as they need to be manually trusted on each client every time they change. – tromgy Nov 09 '21 at 12:12
  • Dynamically, like the first time the appliance is fired up, we could generate a certificate and have the user accept that, and then they'd be good to go for a long time. Would that work? Thanks. – Timothy Miller Nov 09 '21 at 14:01
  • Yes, this should work, you can write some script that will generate the self-signed certificate, and run it on server startup. – tromgy Nov 09 '21 at 22:37

0 Answers0