XMR not working on custom install

CMS Version

4.0.12

Installation Method

Custom

Operating System

Ubuntu 22 LTS

Issue

XMR is not working for me, the following are logged in the CMS log:

Player Action Service is looking to send 1 actions
Player action connection failed. E = Cannot seal message
Unable to Process Queue of Player actions due to 1 of 1 player actions failed

Screenshot requests only happens during the collection period.

config.json:

{
	"listenOn": "tcp://127.0.0.1:50001",
	"pubOn": ["tcp://*:9505"],
	"debug": false
}
Jul 01 13:08:33 xibo systemd[1]: Started XMR Message Relay.
Jul 01 13:08:33 xibo php8.1[10092]: [2024-07-01 13:08:33] xmr.INFO: Starting up - listening for CMS on tcp://127.0.0.1:50001. [] []
Jul 01 13:08:33 xibo php8.1[10092]: [2024-07-01 13:08:33] xmr.INFO: Bind to tcp://*:9505 for Publish. [] []
Jul 01 13:08:33 xibo php8.1[10092]: [2024-07-01 13:08:33] xmr.DEBUG: Adding a queue processor for every 5 seconds [] []

XMR debug true shows that XMR starts right up and I am getting heartbeats

Any help would be great, thanks in advanced!

I found the problem
PlayerActions.php calls openssl_seal and calls it with RC4 cipher which has been depreciated
Changing openssl_seal cipher to aes256-gcm solves it and now XMR sends the message:

{"channel":(redacted),"message":(redacted)}

But now, the clients are expecting RC4

Is it possible to change to AES-256-GCM?

Nice find, I got the same issue, having two versions of Xibo running on my server on one XMR version. What did you exacly change in the file PlayerActions.php?

openssl_seal ‘RC4’ is the legacy algorithm.
maybe you can try enabling openssl legacy codecs instead of changing this, I found that enabling the legacy codec will allow the messages to be sent.

The client will still expect RC4, so I’d say updating the server side has no real use right now

Once legacy algorithms gets enabled RC4 should start working and clients will get updated.
Dev team/Admins,

If it is at all possible can we get the algorithm changed in future versions so that we don’t have to enable insecure algos?