openmeetings-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bart Coninckx <bart.conin...@telenet.be>
Subject Re: RTMPS woes
Date Tue, 29 Jan 2013 12:40:01 GMT
Just a follow-up and a report on where the problems were:

- while testing in my own network, I used the server's hostname to 
connect to OM - turns out you HAVE TO use the same name as in the 
certificate. This was a bit surprising as this is not the case with 
secured Apache - it will just throw an error message about the 
certificate, but leave you the choice to continue. I guess the flash app 
cannot do that.
- I'm not 100% sure, but my impression was that self signed certs indeed 
do not work. I have official certificates now in any case and that works 
fine.
- at one point I made a mistake by nog changing the RTMPS port correctly 
in red5.properties
- the documentation at 
http://incubator.apache.org/openmeetings/RTMPSAndHTTPS.html differs from 
https://cwiki.apache.org/confluence/display/OPENMEETINGS/Tutorials+for+installing+OpenMeetings+and+Tools

. My guess is that the latter one is better, because it is more recent. 
These docs are for Ubuntu and Debian, but I installed on SLES 10, 
without having to do anything differently.

BC


On 01/28/13 21:01, Stephen Cottham wrote:
>
> Hey Bart,
>
> Are you using a self-signed certificate by chance?
>
> have you tried different browsers?
>
> Using self-signed certs we have seen problems like this in a few 
> browsers before, (if your using Windows you can import the self-signed 
> cert into the trusted repo and try again this has resolved some issues 
> before)
>
> I don't believe you need to set the path to the cert explicitly in 
> red5-core.xml like you are saying below, I have this working on 2.0 
> and 2.1 without issues (using a legit cert) and have had mixed results 
> using a self-signed and had some issues with Mozilla and chrome using 
> their sandbox with both.
>
> Best Regards
>
> *Stephen Cottham**
> *Group IT Manager (Associate)
>
> Robert Bird Group
> Level 5, 333 Ann St
> Brisbane, Queensland, 4000, Australia
>
> *Phone: +6173 319 2777 (AUS)*
>
> *Phone: +44207 633 2880 (UK)*
>
> *Fax: +6173 319 2799*
>
> **
>
> *Mobile:  +61400 756 963 (AUS)*
>
> *Mobile: +447900 918 616 (UK)*
>
> *Web: **www.robertbird.com* <http://www.robertbird.com/>
>
> <http://www.robertbird.com.au/><http://www.robertbird.com.au/>
>
> This email and any attachments are confidential and may contain 
> legally privileged information or copyright material. Unless expressly 
> stated, confidentiality and/or legal privilege is not intended to be 
> waived by the sending of this email. The contents of this email, 
> including any attachments, are intended solely for the use of the 
> individual or entity to whom they are addressed. If you are not an 
> intended recipient, please contact us immediately by return email and 
> then delete both messages. You may not otherwise read, forward, copy, 
> use or disclose this email or any attachments. Any views expressed in 
> this email are those of the individual sender except where the sender 
> expressly, and with authority, states otherwise. It is your 
> responsibility to check any attachments for viruses or defects before 
> opening or sending them on. None of the sender or its related entities 
> accepts any liability for any consequential damage resulting from this 
> email containing computer viruses.
>
>
> Disclaimer added by *CodeTwo Exchange Rules*
> www.codetwo.com <http://www.codetwo.com>
>
> *From:*Bart Coninckx [mailto:bart.coninckx@telenet.be]
> *Sent:* 28 January 2013 19:42
> *To:* openmeetings-user@incubator.apache.org
> *Subject:* Re: RTMPS woes
>
> Well, it did seem to be an effect of the path: the error message 
> disappeared once I changed
>
> <property name="keystoreFile" value="conf/keystore">
> into
> <property name="keystoreFile" value="/data/openmeetings/conf/keystore">
>
> in red5-core.xml
>
> This reflects the real path on my server. Some one might want to add 
> this to the documentation.
>
> The situation now is like this gentleman describes:
>
> https://issues.apache.org/jira/browse/OPENMEETINGS-500
>
> I can't shake the feeling the documentation is missing something ...
>
>
> BC
>
>
>
> On 01/28/13 00:49, Bart Coninckx wrote:
>
>     One addition: I installed in /data/openmeetings, but I had this
>     reflected in the init.d script that starts OpenMeetings. I hope
>     that is OK?
>
>     BC
>
>     On 01/28/13 00:47, Bart Coninckx wrote:
>
>         Hi all,
>
>         been trying to get SSL rolling following the docs on
>         http://incubator.apache.org/openmeetings/RTMPSAndHTTPS.html
>
>         I doublechecked everything but conecting to the OM site
>         produces a "try 1", "try 2" etc and ends in
>         NetConnection.Connect.Failed
>
>         The red5 console says:
>
>         [WARN] [NioProcessor-19]
>         org.red5.server.net.rtmps.RTMPSMinaIoHandler - Exception
>         caught Keystore or password are null
>
>         the keystore is in "RED5_HOME"/conf and the passwords works.
>
>         While capturing the packets I see a lot on 443, so HTTPS seems
>         OK and jsut a fiew on 5443, so my guess is that RTMPS has a
>         problem.
>
>
>         The only step I did not do in the docu was:
>
>         7. Create additional certificate as described above. Add this
>         certificate to the following keystores:
>         red5/conf/keystore.screen and red5/conf/keystore.
>
>         as it is not very clear. Do you need to create a new CSR and
>         next a new CRT? Because that makes no sense. Or do I need a
>         new keystore named keystore.screen and import the same
>         certificates?
>
>         Thx for clarifying this,
>
>         BC
>
>
>


Mime
View raw message