openmeetings-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bart Coninckx <bart.conin...@telenet.be>
Subject Re: RTMPS woes
Date Mon, 28 Jan 2013 20:56:44 GMT
Wait a sec, I just read that RTMPS IS RTMPT over SSL !!

Will do some morge digging into combining things with a reversed SSL 
proxy. I also saw pages using Stunnel, which is an ugly hack but if it 
works ...


BC


On 01/28/13 21:48, Bart Coninckx wrote:
> Hi Stephen,
>
> thx !
>
> tried both self-signed and an official one. Tried just one browser as 
> we standardize to that browser (Internet Explorer).
> Getting RTMPS to work seems to be a daunting task.
> I'm trying to get it to work differently by looking at RTMPT and a SSL 
> reversed proxy. Unfortunately a SSL/TLS version of RTMPT does not seem 
> to exist, unless RTMPS does also a secured version of RTMPT.
> And then there is the challenge to get the Flash app to use the SSL 
> version of RTMPT. By closing port 1935 RTMPT on 8088 is automatically 
> used, but clear text.
>
> *sigh*
>
> BC
>
>
>
> On 01/28/13 21:01, Stephen Cottham wrote:
>>
>> Hey Bart,
>>
>> Are you using a self-signed certificate by chance?
>>
>> have you tried different browsers?
>>
>> Using self-signed certs we have seen problems like this in a few 
>> browsers before, (if your using Windows you can import the 
>> self-signed cert into the trusted repo and try again this has 
>> resolved some issues before)
>>
>> I don't believe you need to set the path to the cert explicitly in 
>> red5-core.xml like you are saying below, I have this working on 2.0 
>> and 2.1 without issues (using a legit cert) and have had mixed 
>> results using a self-signed and had some issues with Mozilla and 
>> chrome using their sandbox with both.
>>
>> Best Regards
>>
>> *Stephen Cottham**
>> *Group IT Manager (Associate)
>>
>> Robert Bird Group
>> Level 5, 333 Ann St
>> Brisbane, Queensland, 4000, Australia
>>
>> *Phone: +6173 319 2777 (AUS)*
>>
>> *Phone: +44207 633 2880 (UK)*
>>
>> *Fax: +6173 319 2799*
>>
>> **
>>
>> *Mobile:  +61400 756 963 (AUS)*
>>
>> *Mobile:  +447900 918 616 (UK)*
>>
>> *Web: **www.robertbird.com* <http://www.robertbird.com/>
>>
>> <http://www.robertbird.com.au/><http://www.robertbird.com.au/>
>>
>> This email and any attachments are confidential and may contain 
>> legally privileged information or copyright material. Unless 
>> expressly stated, confidentiality and/or legal privilege is not 
>> intended to be waived by the sending of this email. The contents of 
>> this email, including any attachments, are intended solely for the 
>> use of the individual or entity to whom they are addressed. If you 
>> are not an intended recipient, please contact us immediately by 
>> return email and then delete both messages. You may not otherwise 
>> read, forward, copy, use or disclose this email or any attachments. 
>> Any views expressed in this email are those of the individual sender 
>> except where the sender expressly, and with authority, states 
>> otherwise. It is your responsibility to check any attachments for 
>> viruses or defects before opening or sending them on. None of the 
>> sender or its related entities accepts any liability for any 
>> consequential damage resulting from this email containing computer 
>> viruses.
>>
>>
>> Disclaimer added by *CodeTwo Exchange Rules*
>> www.codetwo.com <http://www.codetwo.com>
>>
>> *From:*Bart Coninckx [mailto:bart.coninckx@telenet.be]
>> *Sent:* 28 January 2013 19:42
>> *To:* openmeetings-user@incubator.apache.org
>> *Subject:* Re: RTMPS woes
>>
>> Well, it did seem to be an effect of the path: the error message 
>> disappeared once I changed
>>
>> <property name="keystoreFile" value="conf/keystore">
>> into
>> <property name="keystoreFile" value="/data/openmeetings/conf/keystore">
>>
>> in red5-core.xml
>>
>> This reflects the real path on my server. Some one might want to add 
>> this to the documentation.
>>
>> The situation now is like this gentleman describes:
>>
>> https://issues.apache.org/jira/browse/OPENMEETINGS-500
>>
>> I can't shake the feeling the documentation is missing something ...
>>
>>
>> BC
>>
>>
>>
>> On 01/28/13 00:49, Bart Coninckx wrote:
>>
>>     One addition: I installed in /data/openmeetings, but I had this
>>     reflected in the init.d script that starts OpenMeetings. I hope
>>     that is OK?
>>
>>     BC
>>
>>     On 01/28/13 00:47, Bart Coninckx wrote:
>>
>>         Hi all,
>>
>>         been trying to get SSL rolling following the docs on
>>         http://incubator.apache.org/openmeetings/RTMPSAndHTTPS.html
>>
>>         I doublechecked everything but conecting to the OM site
>>         produces a "try 1", "try 2" etc and ends in
>>         NetConnection.Connect.Failed
>>
>>         The red5 console says:
>>
>>         [WARN] [NioProcessor-19]
>>         org.red5.server.net.rtmps.RTMPSMinaIoHandler - Exception
>>         caught Keystore or password are null
>>
>>         the keystore is in "RED5_HOME"/conf and the passwords works.
>>
>>         While capturing the packets I see a lot on 443, so HTTPS
>>         seems OK and jsut a fiew on 5443, so my guess is that RTMPS
>>         has a problem.
>>
>>
>>         The only step I did not do in the docu was:
>>
>>         7. Create additional certificate as described above. Add this
>>         certificate to the following keystores:
>>         red5/conf/keystore.screen and red5/conf/keystore.
>>
>>         as it is not very clear. Do you need to create a new CSR and
>>         next a new CRT? Because that makes no sense. Or do I need a
>>         new keystore named keystore.screen and import the same
>>         certificates?
>>
>>         Thx for clarifying this,
>>
>>         BC
>>
>>
>>
>


Mime
View raw message