使用HTTPS在IPad Safari上播放HTML5视频 [英] HTML5 Video on IPad Safari using HTTPS

问题描述

我正在尝试使用HTML 5视频元素在iPad（Safari浏览器）上播放.mp4视频。使用HTTP一切正常。但是，使用HTTPS访问时，视频不会加载（或播放）。如果我从桌面Chrome浏览器访问同一网站，我可以使用HTTPS加载和播放视频。网上有其他关于Quicktime和HTTPS无法在iPad上运行的提示。这是同一个问题吗？

I'm trying to play an .mp4 video on an iPad (Safari browser) using the HTML 5 video element. Everything works fine using HTTP. However, the video will not load (or play) when accessed using HTTPS. If I access the same web site from my Desktop Chrome browser, I can load and play the video using HTTPS. There are hints elsewhere on the Web about Quicktime and HTTPS not working on the iPad. Is this the same issue?

推荐答案

您使用的SSL证书可能不是由受信任的根证书颁发机构（或CA）颁发的）iOS / Safari。

The SSL certificate you are using probably was not issued by a trusted Root Certificate Authority (or CA) of iOS/Safari.

现在的SSL证书最有可能由中级CA颁发。

也就是说，根CA支持的CA.

但是，您的浏览器/操作系统对此一无所知。

它只知道您的SSL证书是由它不信任的CA颁发的。

SSL certificates nowadays are most-likely issued by "Intermediate CAs".
That is, a CA that's trusted by the root CA.
However, your browser/OS knows nothing about that.
It only knows that your SSL certificate was issued by a CA that it doesn't trust.

因此，您必须让iOS / Safari知道您的中间CA实际上受到Safari信任的根CA的信任。

So you have to let iOS/Safari know that your intermediate CA is actually trusted by the root CA that Safari trusts.

因此，您需要从CA下载中级证书，并在您的服务器上安装该中级证书，以便Safari / iOS播放您的HTTPS视频（HTTPS = HTTP通过SSL）。

So you need to download the Intermediate Certificate from your CA, and install that Intermediate Certificate on your server, in order for Safari/iOS to play your HTTPS video (HTTPS = HTTP via SSL).

如果您的CA是受根CA信任的CA信任的CA，则需要安装第二个中间证书作为好。一般来说，如果您的CA的信任级别被链接N次，则需要将所有N个证书放在您的服务器上。

In case your CA is a CA that's trusted by a CA that's trusted by a root CA, you'll need to install the second intermediate certificate as well. Generally speaking, if you're CA's trust level is chained N times, you need to put all N certificates on your server.

为了链接您的证书：

cat certfile1 certfile2 ... certfileN > www.YOUR_DOMAIN.com.chained.crt

例如。

cat www.example.com.crt intermediary.crt > www.example.com.chained.crt

然后将链式证书放入虚拟服务器的配置文件中（这是针对nginx的）：

Then you put the chained certificate into the virtual server's configuration file (this is for nginx):

server {
    listen              443 ssl;
    server_name         www.example.com;
    ssl_certificate     www.example.com.chained.crt;
    ssl_certificate_key www.example.com.key;
    ...
}

以防万一你还年轻天真：

SSL证书链订单很重要

（对某些非常非常挑剔的SSL实施）

And just in case you're young and naïve:
SSL Certificate Chain order matters
(to some very, very picky SSL implementations)

订单应为：

<your certificate>
<your cert signer>
<signer for your cert signer>
<etc>

这篇关于使用HTTPS在IPad Safari上播放HTML5视频的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！