4

I was trying to deploy a simple TURN server using coturn. When I test it on Trickle ICE (turn:rtc.jackxujh.me:3478 [webrtc:mighty]), Trickle ICE says "Authentication failed?". The coturn server keeps reporting this error:

ERROR: check_stun_auth: Cannot find credentials of user

Trickle ICE shows Authentication failure.


Here is the complete turnserver.conf I am using (by uncommenting lines of the coturn sample conf):

external-ip=39.108.74.114/XXX.XXX.XXX.XXX #(XXX is internal IP)
fingerprint
lt-cred-mech
use-auth-secret
static-auth-secret=XXXXXXXX... #(XXX is the secret)
realm=rtc.jackxujh.me
user=webrtc:0xXXXXXXXX... #(XXX is the key)
cert=/etc/letsencrypt/live/rtc.jackxujh.me/cert.pem
pkey=/etc/letsencrypt/live/rtc.jackxujh.me/privkey.pem
mobility

I find a related discussion on GitHub, but I don't feel there is a solution at the end.

In fact, I am confused whether my conf file is using TURN REST API or not.

Meanwhile, I tried to check if there was a user named webrtc in turndb, by using # turnadmin -l, but the output was nothing. (Is this command correct?)

jackxujh
  • 983
  • 10
  • 31
  • Does this answer your question? [CoTURN: How to use TURN REST API?](https://stackoverflow.com/questions/35766382/coturn-how-to-use-turn-rest-api) – Pielo May 12 '23 at 09:12

1 Answers1

1

In fact, I am confused whether my conf file is using TURN REST API or not.

I can confirm You use REST API because use-auth-secret is set

use-auth-secret

So you need to use a unixtimestamp as username, and the hashed password..

user=timestamp:userid
password=base64(hmac(secret key, user)

Read more about the difference of Long-Term-Credential and REST:

https://www.ietf.org/proceedings/87/slides/slides-87-behave-10.pdf

If you want to use normal username/password use the long-term-credential so remove use-auth-secret

and set it statically or in db

user=username1:key1

turnadmin

turnadmin -l

list static and db users.

So in case of REST is correct the empty list.