Hi Cyril, Thanks, I'm indeed using red5 in my setup, client is flex.
Just non ssl at all, so only 1935 over HA works prefectly. When I set my frontend to ssl offloading on TCP 443 I see on my red5 server my client coming in when connecting but than it hangs, no other data in de red5 log. I will simply this setup again to see what happens. Red5 works perfectly. I will report. Cheers, Matt 2015-03-29 19:08 GMT+02:00 Cyril Bonté <cyril.bo...@free.fr>: > Hi Matt, > > Le 29/03/2015 16:19, Matt . a écrit : >> >> Whoops my fault while testing. >> >> Indeed, on the backends I connect to 1935 again, I see a connection >> coming in but no "clear data". That part is actually my issue and >> difficult to trace. > > > Then can you re-provide the "expected" configuration ? Because the one you > provided is clearly not going to work. > > Making some quick tests here, it works (but it was really quick tests in a > very simple configuration). > > Steps : > 1. Download a red5-server release, untar, and run it. > 2. Access to http://localhost:5080/installer/ and install OFLA Demo. > 3. Test a RTMP video provided with the demo : > vlc rtmp://localhost/oflaDemo/Avengers2.mp4 > 4. Configure haproxy for offloading SSL > haproxy.cfg content : > listen rtmps > mode tcp > bind :443 ssl crt localhost.pem > server rtmp localhost:1935 > > listen status > mode http > bind :4444 > stats enable > stats uri / > 5. Launch haproxy (in foreground for the tests): > sudo haproxy -f haproxy.cfg > 6. Test the RTMPS video : > vlc rtmps://localhost/oflaDemo/Avengers2.mp4 > => The video is played and we can see that statistics in haproxy are > updated when the connection is closed. > > At this point, I'd recommend simplifying the configuration during the debug. > At least, use only one server for the backends. > Also, how do you test your rtmps streams ? with which client ? which RTMP > server ? ... > > >> >> 2015-03-29 16:11 GMT+02:00 Baptiste <bed...@gmail.com>: >>>> >>>> frontend rtmp_https >>>> bind xxx.xxx.xxx.xxx:443 name >>>> xxx.xxx.xxx.xxx:443 ssl crt /var/etc/haproxy/mycert.pem >>>> mode tcp >>>> log global >>>> maxconn 99999 >>>> timeout client 600000 >>>> use_backend rtmpbackend_tcp_ipvANY if >>>> default_backend rtmpbackend_tcp_ipvANY >>>> >>>> >>>> backend rtmpbackend_tcp_ipvANY >>>> mode tcp >>>> balance leastconn >>>> timeout connect 30000 >>>> timeout server 30000 >>>> retries 3 >>>> option httpchk GET / >>>> server rtmp-01 172.16.5.11:443 check-ssl >>>> check inter 1000 weight 100 verify none >>>> server rtmp-02 172.16.5.12:443 check-ssl >>>> check inter 1000 weight 100 verify none >>> >>> >>> Weren't you supposed to connect on port 1935 where traffic is unciphered? >>> Can you confirm wether traffic is ciphered or not on server's port 443 >>> ?? (you seem to be mixing clear traffic over a connection which expect >>> ciphered traffic on the server side). >>> Does haproxy says the servers are UP (logs, stats page, etc...) >>> >>> Baptiste >> >> > > > -- > Cyril Bonté