Hmmm. If that's the case, then to heck with it. If users have to do that, it'll be a huge pita. I can't imagine asking e.g. my grandmother to do it :-0 .
> The second part of the command is for the screen sharing component to work, > it requires its only SSL certificate -> this one is called keystore.screen Trying to create this second part doesn't work, as I mentioned. I get the following error: keytool error: java.lang.Exception: Key pair not generated, alias <Red5> already exists Dimitri On Thursday 25 October 2012 11:02:00 am Stephen Cottham wrote: > Hi Dimitri, > > Unfortunately you won't be able to get your end users to use SSL without > them importing the root certificate, the reason RTMPS doesn't connect is > because as far as the browser is concerned this is an invalid certificate, > HTTPS will work fine just by simply accepting the certificate via the > browser RTMPS will not work for you unless you have a "real" SSL cert with > a trusted worldwide root certificate. (It's a security issue.. by adding > your root cert in your telling your browser that you trust it regardless > off its contents...) > > Maybe just do the steps I sent to you earlier to make sure that this is > your only issue first? > > The second part of the command is for the screen sharing component to work, > it requires its only SSL certificate -> this one is called keystore.screen > > Best Regards > > > Stephen Cottham > Group IT Manager (Associate) > > Robert Bird Group > Level 5, 333 Ann St > Brisbane, Queensland, 4000, Australia > Phone: +6173 319 2777 (AUS) > Phone: +44207 592 8000 (UK) > Fax: +6173 319 2799 > > Mobile: +61400 756 963 (AUS) > Mobile: +447900 918 616 (UK) > Web: www.robertbird.com > > > This email and any attachments are confidential and may contain legally > privileged information or copyright material. Unless expressly stated, > confidentiality and/or legal privilege is not intended to be waived by the > sending of this email. The contents of this email, including any > attachments, are intended solely for the use of the individual or entity to > whom they are addressed. If you are not an intended recipient, please > contact us immediately by return email and then delete both messages. You > may not otherwise read, forward, copy, use or disclose this email or any > attachments. Any views expressed in this email are those of the individual > sender except where the sender expressly, and with authority, states > otherwise. It is your responsibility to check any attachments for viruses > or defects before opening or sending them on. None of the sender or its > related entities accepts any liability for any consequential damage > resulting from this email containing computer viruses. > > Disclaimer added by CodeTwo Exchange Rules > http://www.codetwo.com > > -----Original Message----- > From: Dimitri Yioulos [mailto:[email protected]] > Sent: 25 October 2012 15:54 > To: [email protected] > Subject: Re: Struggling with SSL > > Stephen, > > Thanks for that, but I really don't care about importing the cert into my > Windows client, and don't want my end users to do that, either. Once I > accept the cert via my browser, I should be good-to-go. > > Going back to an earlier post of yours, I did this part just fine: > > keytool -keysize 2048 -genkey -keyalg RSA -alias red5 -keystore > red5/conf/keystore -storepass "mypassword" -validity 15000 > > However, this part failed with "keytool error: java.lang.Exception: Key > pair not generated, alias <Red5> already exists": > > keytool -keysize 2048 -genkey -keyalg RSA -alias red5 -keystore > red5/conf/keystore.screen -storepass "mypassword" -validity 15000 > > Is the second part necessary? > > I'm still the Error Missing stuff. > > Dimitri > > On Thursday 25 October 2012 10:15:25 am Stephen Cottham wrote: > > Example like here: > > > > http://blogs.technet.com/b/sbs/archive/2007/04/10/installing-a-self-si > > gn ed-certificate-as-a-trusted-root-ca-in-windows-vista.aspx > > > > This is for a webmail site but the principal l is exactly the same for > > any SSL site you want to import the cert from. > > > > (Oh im assuming you are using a Windows client?) > > > > > > > > -----Original Message----- > > From: Stephen Cottham [mailto:[email protected]] > > Sent: 25 October 2012 15:13 > > To: [email protected] > > Subject: RE: Struggling with SSL > > > > Looks fine, id just import the cert as a trusted root certificate and > > test it again. > > > > > > -----Original Message----- > > From: Dimitri Yioulos [mailto:[email protected]] > > Sent: 25 October 2012 15:08 > > To: [email protected] > > Subject: Re: Struggling with SSL > > > > Stephen, > > > > Here's the command I used to create the self-signed cert: > > > > keytool -genkey -keyalg RSA -alias > > Red5 -keystore /usr/local/openmeetings/conf/keystore -storepass > > password -validity 3650 -keysize 2048 > > > > Dimitri > > > > On Thursday 25 October 2012 9:38:33 am Stephen Cottham wrote: > > > Are you using a self-signed certificate? > > > > > > Stephen Cottham > > > Group IT Manager (Associate) > > > > > > Robert Bird Group > > > Level 5, 333 Ann St > > > Brisbane, Queensland, 4000, Australia > > > Phone: +6173 319 2777 (AUS) > > > Phone: +44207 592 8000 (UK) > > > Fax: +6173 319 2799 > > > > > > Mobile: +61400 756 963 (AUS) > > > Mobile: +447900 918 616 (UK) > > > Web: www.robertbird.com > > > > > > > > > This email and any attachments are confidential and may contain > > > legally privileged information or copyright material. Unless > > > expressly > > > > > > stated, confidentiality and/or legal privilege is not intended to be > > > waived by the sending of this email. The contents of this email, > > > including any attachments, are intended solely for the use of the > > > individual or entity to whom they are addressed. If you are not an > > > intended recipient, please contact us immediately by return email > > > and then delete both messages. You may not otherwise read, forward, > > > copy, use or disclose this email or any attachments. Any views > > > expressed in this email are those of the individual sender except > > > where the sender expressly, and with authority, states otherwise. It > > > is your responsibility to check any attachments for viruses or > > > defects before opening or sending them on. None of the sender or its > > > related entities > > > > > > accepts any liability for any consequential damage resulting from > > > this > > > > email containing computer viruses. > > > > > Disclaimer added by CodeTwo Exchange Rules http://www.codetwo.com > > > > > > -----Original Message----- > > > From: Dimitri Yioulos [mailto:[email protected]] > > > Sent: 25 October 2012 14:18 > > > To: [email protected] > > > Subject: Struggling with SSL > > > > > > Greetz, all. > > > > > > Over the past couple of days, I've tried to make openmeetings over > > > ssl > > > > > > work using the directions found on the Web, but have failed. I > > > don't see any obvious errors when starting red5, but get the dreaded > > > "Error Missing [204] --> Error Missing [556] --> Error Missing > > > [642]" when I go to https://myserver. > > > Help would be much appreciated. > > > > > > Dimitri > > > > > > -- > > > This message has been scanned for viruses and dangerous content by > > > MailScanner, and is believed to be clean. > > > > -- > > This message has been scanned for viruses and dangerous content by > > MailScanner, and is believed to be clean. > > -- > This message has been scanned for viruses and dangerous content by > MailScanner, and is believed to be clean. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
