SUMMARY Using the flatpak runtime org.kde.Platform/x86_64/6.6 it seems to have issues validating SSL certificates on openSUSE hosts. Other distros running the same runtime do work. org.kde.Platform/x86_64/6.5 (previous release) does not have this issue on openSUSE. STEPS TO REPRODUCE 1. Install or build OBS Studio with runtime org.kde.Platform 6.6 using flathub 2. Add a browser source 3. Notice browser sourceces keep empty 4. On X11 using a browser dock it shows an error: "ERR_CERT_AUTHORITY_INVALID URL: https://obsproject.com/browser-source" OBSERVED RESULT - SSL certificates seem to be broken - This seem to only happen on openSUSE as of now. Tested openSUSE Leap 15.5, openSUSE Tumbleweed, openSUSE Aeon and openSUSE Kalpa - With runtime 6.5 everything works as expected on openSUSE - Tested Ubuntu VM using the OBS flatpak and runtime 6.6 and browser sources do still work - Tested a Ubuntu distrobox on an openSUSE host using the OBS Studio dep package and things do work as well EXPECTED RESULT - SSL certs to be validated SOFTWARE/OS VERSIONS Linux/KDE Plasma: openSUSE Aeon Flatpak runtime org.kde.Platform/x86_64/6.6 KDE Plasma Version: Flatpak runtime org.kde.Platform/x86_64/6.6 KDE Frameworks Version: Flatpak runtime org.kde.Platform/x86_64/6.6 Qt Version: Flatpak runtime org.kde.Platform/x86_64/6.6 ADDITIONAL INFORMATION - This issue cam to my attention during: https://github.com/obsproject/obs-studio/issues/10385
(In reply to vortex from comment #0) > SUMMARY > Using the flatpak runtime org.kde.Platform/x86_64/6.6 it seems to have > issues validating SSL certificates on openSUSE hosts. > Other distros running the same runtime do work. > org.kde.Platform/x86_64/6.5 (previous release) does not have this issue on > openSUSE. > > > STEPS TO REPRODUCE > 1. Install or build OBS Studio with runtime org.kde.Platform 6.6 using > flathub > 2. Add a browser source > 3. Notice browser sourceces keep empty > 4. On X11 using a browser dock it shows an error: > "ERR_CERT_AUTHORITY_INVALID URL: https://obsproject.com/browser-source" > > OBSERVED RESULT > - SSL certificates seem to be broken > - This seem to only happen on openSUSE as of now. Tested openSUSE Leap 15.5, > openSUSE Tumbleweed, openSUSE Aeon and openSUSE Kalpa > - With runtime 6.5 everything works as expected on openSUSE > - Tested Ubuntu VM using the OBS flatpak and runtime 6.6 and browser sources > do still work > - Tested a Ubuntu distrobox on an openSUSE host using the OBS Studio dep > package and things do work as well > > EXPECTED RESULT > - SSL certs to be validated > > > SOFTWARE/OS VERSIONS > Linux/KDE Plasma: openSUSE Aeon Flatpak runtime org.kde.Platform/x86_64/6.6 > KDE Plasma Version: Flatpak runtime org.kde.Platform/x86_64/6.6 > KDE Frameworks Version: Flatpak runtime org.kde.Platform/x86_64/6.6 > Qt Version: Flatpak runtime org.kde.Platform/x86_64/6.6 > > ADDITIONAL INFORMATION > - This issue cam to my attention during: > https://github.com/obsproject/obs-studio/issues/10385 Also I locally build OBS Studio flatpak with runtime org.kde.Platform/x86_64/6.6 which was still broken But building the OBS Flatpak locally using org.kde.Platform/x86_64/6.5 does work again. There seems to be something off with the runtime.
Can you maybe reach out to openSUSE about this issue? I am not sure how we can help you there.
(In reply to Aleix Pol from comment #2) > Can you maybe reach out to openSUSE about this issue? I am not sure how we > can help you there. Probably a good idea yes. Will do. Maybe could someone point me somewhere where I can see what changed from runtime 6.5 to 6.6 so I may be able to better guide the bug report over at openSUSE to what actually changed?
Bug also reported to openSUSE: https://bugzilla.opensuse.org/show_bug.cgi?id=1221557
Response of openSUSE maintainer as of now: Fabian Vogt 2024-03-18 10:14:34 UTC: No idea how flatpak works with SSL certs. It's likely a flatpak or runtime bug, as nothing changed on the openSUSE side.
(In reply to Aleix Pol from comment #2) > Can you maybe reach out to openSUSE about this issue? I am not sure how we > can help you there. Hello there. I tested building OBS Studio using KDE Framework 6 on openSUSE Tumbleweed locally as an RPM package using KDE Frameworks 6 (hence Qt 6.6.2). Form my brief observation the set of KDE libraries shipped with openSUSE Tumbleweed are pretty much the same as those included in the flatpak runtime 6.6. At least judging by just the version numbers. However the native RPM works just fine and has not SSL issues. Also the KDE Runtime 6.5 works fine as well. Simply runtime 6.6 fails for the 3 distributions I tried. It's looking more and more to be an issue with the runtime itself to me? As of why this bug triggers (as of now) only on openSUSE idk though. What's also suspicious is that openSUSE Leap 15.5 also has issues with runtime 6.6 but not with 6.5. Except of that Qt was updated from 6.5 to 6.6 I don't know what's different with both runtimes.
Hm, I did some more testing. Using neochat, which also uses Runtime 6.6 I can connect, and log in. Looking into the logs it also properly connecting to https webpages. Things are getting really strange now. Maybe the embedded chromium OBS Studio uses has issues with runtime 6.6 under certain circumstances?