[ https://issues.apache.org/jira/browse/OPENMEETINGS-2601?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17309784#comment-17309784 ]
ASF subversion and git services commented on OPENMEETINGS-2601: --------------------------------------------------------------- Commit c9436b828c88ed7f5d58be5da974a25e9b09f8e4 in openmeetings's branch refs/heads/master from Sebastian Wagner [ https://gitbox.apache.org/repos/asf?p=openmeetings.git;h=c9436b8 ] OPENMEETINGS-2601 Fix parsing directly to Enum types. > Ability to configure Kurento::WebRtcEndpoint.CertificateKeyType > --------------------------------------------------------------- > > Key: OPENMEETINGS-2601 > URL: https://issues.apache.org/jira/browse/OPENMEETINGS-2601 > Project: Openmeetings > Issue Type: Improvement > Components: Cluster > Affects Versions: 6.0.0 > Reporter: Sebastian Wagner > Assignee: Sebastian Wagner > Priority: Major > Fix For: 6.1.0 > > > For some browsers (Firefox), in case multiple KMS servers are used, they > require each KMS to use the same certificate. > See: > [https://doc-kurento.readthedocs.io/en/latest/features/security.html#media-plane-security-dtls] > This requires configuring the certificate on Kurento, but it also requires > setting the certificate type during creation of the WebRtcEndpoint: > {code:java} > ;; Certificate used for DTLS authentication. > ;; > ;; If you want KMS to use a specific certificate for DTLS, then provide it > here. > ;; You can provide both RSA or ECDSA files; the choice between them is done > when > ;; calling the WebRtcEndpoint constructor. > ;; > ;; If this setting isn't specified, a different set of self-signed > certificates > ;; is generated automatically for each WebRtcEndpoint instance. > ;; > ;; This setting can be helpful, for example, for situations where you have to > ;; manage multiple media servers and want to make sure that all of them use > the > ;; same certificate. Some browsers, such as Firefox, require this in order to > ;; allow multiple WebRTC connections from the same tab to different KMS. > ;; > ;; Absolute path to the concatenated certificate (chain) file(s) + private > key, > ;; in PEM format. > ;; > ;pemCertificateRSA=/path/to/cert+key.pem > ;pemCertificateECDSA=/path/to/cert+key.pem > {code} > => "the choice between them is done when ;; calling the WebRtcEndpoint > constructor." > I tried this out, it is required to set the Certificate during the calling > the constructor, just configuring it in KMS will not fix it. > -- This message was sent by Atlassian Jira (v8.3.4#803005)