Re: SSL with Ubuntu OM installation
Back when I was having issues with sound I was thinking it may have
required SSL to get video/microphone access, this turned out to not be
true, but I wrote some scripts that at least for centos take
openmeetings and use sed, etc to make openmeetings ssl automatically.
Still a bit raw and not enough error handling/checking. I also wanted
to use have expect subscripts so I could handle password/key entry.
One nice thing is that all the necessary steps are captured. Who
knows, it could be the start or kernel of something..
I can post the relevant parts of my scripts if people think it is useful.
-Dave
On Sun, Mar 18, 2018 at 9:49 PM, Ramón Zárate Moedano wrote:
> It would be great if Alvaro could add to existing tutorials SSL part using
> lets encryp.
>
> At this time is mandatory for chrome and maybe would be for all browsers.
>
> El dom., 18 de mar. de 2018 9:59 PM, Maxim Solodovnik
> escribió:
>>
>> Hello Anis,
>>
>> unfortunately I'm not maintaining OM tutorials.
>> I saw very detailed steps in user@ mailing list, you can use them as
>> tutorials :)
>>
>>
>> On Mon, Mar 19, 2018 at 10:56 AM, Anis Aliev wrote:
>> > Dear Maxim,
>> >
>> > Is it possible to make full tutorial including SSL configuration of OM?
>> > or
>> > just update Tutorials with SSL ? For example with Lets Encrypt
>> > I think not only me but all community want it.
>> >
>> > Thanks!
>> >
>> > 2018-03-18 18:21 GMT+05:00 Maxim Solodovnik :
>> >>
>> >> I'm usually using `netstat -an|grep 5443` (never used nmap)
>> >>
>> >> According to your configs
>> >> jee-container.xml looks good
>> >>
>> >> keystore/trustsrore file/pass need to be set in red5.properties
>> >> It should match your actual keystore
>> >>
>> >> I wouls run red5.sh from console and check what is being printed
>> >>
>> >> On Sun, Mar 18, 2018 at 1:52 AM, Aaron Hepp
>> >> wrote:
>> >> > I have followed a few different guides on importing a cert into a
>> >> > Tomcat
>> >> > installation from my cert provider as well from the OM site:
>> >> >
>> >> > https://openmeetings.apache.org/RTMPSAndHTTPS.html
>> >> >
>> >> >
>> >> >
>> >> > https://helpdesk.ssls.com/hc/en-us/articles/203505171-How-to-install-a-SSL-certificate-on-a-Tomcat-server
>> >> >
>> >> > last portion you need to changed the XML file. For OM installation
>> >> > you
>> >> > need
>> >> > to comment out the "Tomcat without SSL enabled" via and
>> >> > remove
>> >> > them from "Tomcat with SSL enable" in /opt/om/conf/ jee-container.xml
>> >> >
>> >> > Saved all files and shutdown and restarted the red5 service. Do a
>> >> > NMAP
>> >> > and
>> >> > still shows OM listening on 5080 and 1935. I have gone into the OM
>> >> > installation and changed flash.secure = true and restarted from there
>> >> > and
>> >> > still showing the listening on those ports.
>> >> >
>> >> > server:~# nmap localhost
>> >> >
>> >> > Starting Nmap 7.01 ( https://nmap.org ) at 2018-03-17 18:36 UTC
>> >> > Nmap scan report for localhost (127.0.0.1)
>> >> > Host is up (0.27s latency).
>> >> > rDNS record for 127.0.0.1: localhost.localdomain
>> >> > Not shown: 995 closed ports
>> >> > PORT STATE SERVICE
>> >> > 22/tcp open ssh
>> >> > 1935/tcp open rtmp
>> >> > 3306/tcp open mysql
>> >> > 5080/tcp open onscreen
>> >> > /tcp open abyss
>> >> > Nmap done: 1 IP address (1 host up) scanned in 0.13 seconds
>> >> >
>> >> > Is there other steps that need to be taken to get it to start
>> >> > listening
>> >> > on
>> >> > 5443? I did notice the four entries below. Do I need to edit them
>> >> > with
>> >> > my
>> >> > jks file locations and the password used to create or since client
>> >> > auth
>> >> > is
>> >> > disabled that they are not needed?
>> >> >
>> >> > > >> > key="keystoreFile" value="${rtmps.keystorefile}" />
>> >> > > >> > key="keystorePass" value="${rtmps.keystorepass}" />
>> >> > > >> > key="truststoreFile" value="${rtmps.truststorefile}" />
>> >> > > >> > key="truststorePass" value="${rtmps.truststorepass}" />
>> >> >
>> >> > I have attached the xml file to make sure that is correct. Need to
>> >> > get
>> >> > this
>> >> > moved over to SSL as the last browser to still support unsecured
>> >> > flash
>> >> > is
>> >> > Firefox, and from what I understand that will be removed in the next
>> >> > revision.
>> >> >
>> >> >
>> >> >
>> >> >
>> >>
>> >>
>> >>
>> >> --
>> >> WBR
>> >> Maxim aka solomax
>> >
>> >
>> >
>> >
>> > --
>> >
>> > IT Manager,e-learning specialist
>> > Skype:aliev_anis
>> > www.facebook.com/anis.aliev
>> > Тел:989010012
>>
>>
>>
>> --
>> WBR
>> Maxim aka solomax
Re: SSL with Ubuntu OM installation
I already asked him, but he said he don't have time. Better if community
ask him too :)
пн, 19 марта 2018 г., 9:49 Ramón Zárate Moedano :
> It would be great if Alvaro could add to existing tutorials SSL part using
> lets encryp.
>
> At this time is mandatory for chrome and maybe would be for all browsers.
>
> El dom., 18 de mar. de 2018 9:59 PM, Maxim Solodovnik <
> solomax...@gmail.com> escribió:
>
>> Hello Anis,
>>
>> unfortunately I'm not maintaining OM tutorials.
>> I saw very detailed steps in user@ mailing list, you can use them as
>> tutorials :)
>>
>>
>> On Mon, Mar 19, 2018 at 10:56 AM, Anis Aliev
>> wrote:
>> > Dear Maxim,
>> >
>> > Is it possible to make full tutorial including SSL configuration of OM?
>> or
>> > just update Tutorials with SSL ? For example with Lets Encrypt
>> > I think not only me but all community want it.
>> >
>> > Thanks!
>> >
>> > 2018-03-18 18:21 GMT+05:00 Maxim Solodovnik :
>> >>
>> >> I'm usually using `netstat -an|grep 5443` (never used nmap)
>> >>
>> >> According to your configs
>> >> jee-container.xml looks good
>> >>
>> >> keystore/trustsrore file/pass need to be set in red5.properties
>> >> It should match your actual keystore
>> >>
>> >> I wouls run red5.sh from console and check what is being printed
>> >>
>> >> On Sun, Mar 18, 2018 at 1:52 AM, Aaron Hepp
>> wrote:
>> >> > I have followed a few different guides on importing a cert into a
>> Tomcat
>> >> > installation from my cert provider as well from the OM site:
>> >> >
>> >> > https://openmeetings.apache.org/RTMPSAndHTTPS.html
>> >> >
>> >> >
>> >> >
>> https://helpdesk.ssls.com/hc/en-us/articles/203505171-How-to-install-a-SSL-certificate-on-a-Tomcat-server
>> >> >
>> >> > last portion you need to changed the XML file. For OM installation
>> you
>> >> > need
>> >> > to comment out the "Tomcat without SSL enabled" via and
>> remove
>> >> > them from "Tomcat with SSL enable" in /opt/om/conf/ jee-container.xml
>> >> >
>> >> > Saved all files and shutdown and restarted the red5 service. Do a
>> NMAP
>> >> > and
>> >> > still shows OM listening on 5080 and 1935. I have gone into the OM
>> >> > installation and changed flash.secure = true and restarted from there
>> >> > and
>> >> > still showing the listening on those ports.
>> >> >
>> >> > server:~# nmap localhost
>> >> >
>> >> > Starting Nmap 7.01 ( https://nmap.org ) at 2018-03-17 18:36 UTC
>> >> > Nmap scan report for localhost (127.0.0.1)
>> >> > Host is up (0.27s latency).
>> >> > rDNS record for 127.0.0.1: localhost.localdomain
>> >> > Not shown: 995 closed ports
>> >> > PORT STATE SERVICE
>> >> > 22/tcp open ssh
>> >> > 1935/tcp open rtmp
>> >> > 3306/tcp open mysql
>> >> > 5080/tcp open onscreen
>> >> > /tcp open abyss
>> >> > Nmap done: 1 IP address (1 host up) scanned in 0.13 seconds
>> >> >
>> >> > Is there other steps that need to be taken to get it to start
>> listening
>> >> > on
>> >> > 5443? I did notice the four entries below. Do I need to edit them
>> with
>> >> > my
>> >> > jks file locations and the password used to create or since client
>> auth
>> >> > is
>> >> > disabled that they are not needed?
>> >> >
>> >> > > >> > key="keystoreFile" value="${rtmps.keystorefile}" />
>> >> > > >> > key="keystorePass" value="${rtmps.keystorepass}" />
>> >> > > >> > key="truststoreFile" value="${rtmps.truststorefile}" />
>> >> > > >> > key="truststorePass" value="${rtmps.truststorepass}" />
>> >> >
>> >> > I have attached the xml file to make sure that is correct. Need to
>> get
>> >> > this
>> >> > moved over to SSL as the last browser to still support unsecured
>> flash
>> >> > is
>> >> > Firefox, and from what I understand that will be removed in the next
>> >> > revision.
>> >> >
>> >> >
>> >> >
>> >> >
>> >>
>> >>
>> >>
>> >> --
>> >> WBR
>> >> Maxim aka solomax
>> >
>> >
>> >
>> >
>> > --
>> >
>> > IT Manager,e-learning specialist
>> > Skype:aliev_anis
>> > www.facebook.com/anis.aliev
>> > Тел:989010012
>>
>>
>>
>> --
>> WBR
>> Maxim aka solomax
>>
>
Re: SSL with Ubuntu OM installation
It would be great if Alvaro could add to existing tutorials SSL part using
lets encryp.
At this time is mandatory for chrome and maybe would be for all browsers.
El dom., 18 de mar. de 2018 9:59 PM, Maxim Solodovnik
escribió:
> Hello Anis,
>
> unfortunately I'm not maintaining OM tutorials.
> I saw very detailed steps in user@ mailing list, you can use them as
> tutorials :)
>
>
> On Mon, Mar 19, 2018 at 10:56 AM, Anis Aliev wrote:
> > Dear Maxim,
> >
> > Is it possible to make full tutorial including SSL configuration of OM?
> or
> > just update Tutorials with SSL ? For example with Lets Encrypt
> > I think not only me but all community want it.
> >
> > Thanks!
> >
> > 2018-03-18 18:21 GMT+05:00 Maxim Solodovnik :
> >>
> >> I'm usually using `netstat -an|grep 5443` (never used nmap)
> >>
> >> According to your configs
> >> jee-container.xml looks good
> >>
> >> keystore/trustsrore file/pass need to be set in red5.properties
> >> It should match your actual keystore
> >>
> >> I wouls run red5.sh from console and check what is being printed
> >>
> >> On Sun, Mar 18, 2018 at 1:52 AM, Aaron Hepp
> wrote:
> >> > I have followed a few different guides on importing a cert into a
> Tomcat
> >> > installation from my cert provider as well from the OM site:
> >> >
> >> > https://openmeetings.apache.org/RTMPSAndHTTPS.html
> >> >
> >> >
> >> >
> https://helpdesk.ssls.com/hc/en-us/articles/203505171-How-to-install-a-SSL-certificate-on-a-Tomcat-server
> >> >
> >> > last portion you need to changed the XML file. For OM installation
> you
> >> > need
> >> > to comment out the "Tomcat without SSL enabled" via and
> remove
> >> > them from "Tomcat with SSL enable" in /opt/om/conf/ jee-container.xml
> >> >
> >> > Saved all files and shutdown and restarted the red5 service. Do a
> NMAP
> >> > and
> >> > still shows OM listening on 5080 and 1935. I have gone into the OM
> >> > installation and changed flash.secure = true and restarted from there
> >> > and
> >> > still showing the listening on those ports.
> >> >
> >> > server:~# nmap localhost
> >> >
> >> > Starting Nmap 7.01 ( https://nmap.org ) at 2018-03-17 18:36 UTC
> >> > Nmap scan report for localhost (127.0.0.1)
> >> > Host is up (0.27s latency).
> >> > rDNS record for 127.0.0.1: localhost.localdomain
> >> > Not shown: 995 closed ports
> >> > PORT STATE SERVICE
> >> > 22/tcp open ssh
> >> > 1935/tcp open rtmp
> >> > 3306/tcp open mysql
> >> > 5080/tcp open onscreen
> >> > /tcp open abyss
> >> > Nmap done: 1 IP address (1 host up) scanned in 0.13 seconds
> >> >
> >> > Is there other steps that need to be taken to get it to start
> listening
> >> > on
> >> > 5443? I did notice the four entries below. Do I need to edit them
> with
> >> > my
> >> > jks file locations and the password used to create or since client
> auth
> >> > is
> >> > disabled that they are not needed?
> >> >
> >> > >> > key="keystoreFile" value="${rtmps.keystorefile}" />
> >> > >> > key="keystorePass" value="${rtmps.keystorepass}" />
> >> > >> > key="truststoreFile" value="${rtmps.truststorefile}" />
> >> > >> > key="truststorePass" value="${rtmps.truststorepass}" />
> >> >
> >> > I have attached the xml file to make sure that is correct. Need to
> get
> >> > this
> >> > moved over to SSL as the last browser to still support unsecured flash
> >> > is
> >> > Firefox, and from what I understand that will be removed in the next
> >> > revision.
> >> >
> >> >
> >> >
> >> >
> >>
> >>
> >>
> >> --
> >> WBR
> >> Maxim aka solomax
> >
> >
> >
> >
> > --
> >
> > IT Manager,e-learning specialist
> > Skype:aliev_anis
> > www.facebook.com/anis.aliev
> > Тел:989010012
>
>
>
> --
> WBR
> Maxim aka solomax
>
Re: SSL with Ubuntu OM installation
Hello Anis,
unfortunately I'm not maintaining OM tutorials.
I saw very detailed steps in user@ mailing list, you can use them as
tutorials :)
On Mon, Mar 19, 2018 at 10:56 AM, Anis Aliev wrote:
> Dear Maxim,
>
> Is it possible to make full tutorial including SSL configuration of OM? or
> just update Tutorials with SSL ? For example with Lets Encrypt
> I think not only me but all community want it.
>
> Thanks!
>
> 2018-03-18 18:21 GMT+05:00 Maxim Solodovnik :
>>
>> I'm usually using `netstat -an|grep 5443` (never used nmap)
>>
>> According to your configs
>> jee-container.xml looks good
>>
>> keystore/trustsrore file/pass need to be set in red5.properties
>> It should match your actual keystore
>>
>> I wouls run red5.sh from console and check what is being printed
>>
>> On Sun, Mar 18, 2018 at 1:52 AM, Aaron Hepp wrote:
>> > I have followed a few different guides on importing a cert into a Tomcat
>> > installation from my cert provider as well from the OM site:
>> >
>> > https://openmeetings.apache.org/RTMPSAndHTTPS.html
>> >
>> >
>> > https://helpdesk.ssls.com/hc/en-us/articles/203505171-How-to-install-a-SSL-certificate-on-a-Tomcat-server
>> >
>> > last portion you need to changed the XML file. For OM installation you
>> > need
>> > to comment out the "Tomcat without SSL enabled" via and remove
>> > them from "Tomcat with SSL enable" in /opt/om/conf/ jee-container.xml
>> >
>> > Saved all files and shutdown and restarted the red5 service. Do a NMAP
>> > and
>> > still shows OM listening on 5080 and 1935. I have gone into the OM
>> > installation and changed flash.secure = true and restarted from there
>> > and
>> > still showing the listening on those ports.
>> >
>> > server:~# nmap localhost
>> >
>> > Starting Nmap 7.01 ( https://nmap.org ) at 2018-03-17 18:36 UTC
>> > Nmap scan report for localhost (127.0.0.1)
>> > Host is up (0.27s latency).
>> > rDNS record for 127.0.0.1: localhost.localdomain
>> > Not shown: 995 closed ports
>> > PORT STATE SERVICE
>> > 22/tcp open ssh
>> > 1935/tcp open rtmp
>> > 3306/tcp open mysql
>> > 5080/tcp open onscreen
>> > /tcp open abyss
>> > Nmap done: 1 IP address (1 host up) scanned in 0.13 seconds
>> >
>> > Is there other steps that need to be taken to get it to start listening
>> > on
>> > 5443? I did notice the four entries below. Do I need to edit them with
>> > my
>> > jks file locations and the password used to create or since client auth
>> > is
>> > disabled that they are not needed?
>> >
>> > > > key="keystoreFile" value="${rtmps.keystorefile}" />
>> > > > key="keystorePass" value="${rtmps.keystorepass}" />
>> > > > key="truststoreFile" value="${rtmps.truststorefile}" />
>> > > > key="truststorePass" value="${rtmps.truststorepass}" />
>> >
>> > I have attached the xml file to make sure that is correct. Need to get
>> > this
>> > moved over to SSL as the last browser to still support unsecured flash
>> > is
>> > Firefox, and from what I understand that will be removed in the next
>> > revision.
>> >
>> >
>> >
>> >
>>
>>
>>
>> --
>> WBR
>> Maxim aka solomax
>
>
>
>
> --
>
> IT Manager,e-learning specialist
> Skype:aliev_anis
> www.facebook.com/anis.aliev
> Тел:989010012
--
WBR
Maxim aka solomax
Re: SSL with Ubuntu OM installation
Dear Maxim,
Is it possible to make full tutorial including SSL configuration of OM? or
just update Tutorials with SSL ? For example with Lets Encrypt
I think not only me but all community want it.
Thanks!
2018-03-18 18:21 GMT+05:00 Maxim Solodovnik :
> I'm usually using `netstat -an|grep 5443` (never used nmap)
>
> According to your configs
> jee-container.xml looks good
>
> keystore/trustsrore file/pass need to be set in red5.properties
> It should match your actual keystore
>
> I wouls run red5.sh from console and check what is being printed
>
> On Sun, Mar 18, 2018 at 1:52 AM, Aaron Hepp wrote:
> > I have followed a few different guides on importing a cert into a Tomcat
> > installation from my cert provider as well from the OM site:
> >
> > https://openmeetings.apache.org/RTMPSAndHTTPS.html
> >
> > https://helpdesk.ssls.com/hc/en-us/articles/203505171-How-
> to-install-a-SSL-certificate-on-a-Tomcat-server
> >
> > last portion you need to changed the XML file. For OM installation you
> need
> > to comment out the "Tomcat without SSL enabled" via and remove
> > them from "Tomcat with SSL enable" in /opt/om/conf/ jee-container.xml
> >
> > Saved all files and shutdown and restarted the red5 service. Do a NMAP
> and
> > still shows OM listening on 5080 and 1935. I have gone into the OM
> > installation and changed flash.secure = true and restarted from there and
> > still showing the listening on those ports.
> >
> > server:~# nmap localhost
> >
> > Starting Nmap 7.01 ( https://nmap.org ) at 2018-03-17 18:36 UTC
> > Nmap scan report for localhost (127.0.0.1)
> > Host is up (0.27s latency).
> > rDNS record for 127.0.0.1: localhost.localdomain
> > Not shown: 995 closed ports
> > PORT STATE SERVICE
> > 22/tcp open ssh
> > 1935/tcp open rtmp
> > 3306/tcp open mysql
> > 5080/tcp open onscreen
> > /tcp open abyss
> > Nmap done: 1 IP address (1 host up) scanned in 0.13 seconds
> >
> > Is there other steps that need to be taken to get it to start listening
> on
> > 5443? I did notice the four entries below. Do I need to edit them with
> my
> > jks file locations and the password used to create or since client auth
> is
> > disabled that they are not needed?
> >
> > > key="keystoreFile" value="${rtmps.keystorefile}" />
> > > key="keystorePass" value="${rtmps.keystorepass}" />
> > > key="truststoreFile" value="${rtmps.truststorefile}" />
> > > key="truststorePass" value="${rtmps.truststorepass}" />
> >
> > I have attached the xml file to make sure that is correct. Need to get
> this
> > moved over to SSL as the last browser to still support unsecured flash is
> > Firefox, and from what I understand that will be removed in the next
> > revision.
> >
> >
> >
> >
>
>
>
> --
> WBR
> Maxim aka solomax
>
--
IT Manager,e-learning specialist
Skype:aliev_anis
www.facebook.com/anis.aliev
Тел:989010012
Re: SSL with Ubuntu OM installation
It was the red5.properties that was causing the issue. I never scrolled down far enough to see the section and since I used a "real" password it was not authenticating the the stores(s). Once everything was changed it worked as expected. Thank you for your assistance. On 3/18/2018 9:21 AM, Maxim Solodovnik wrote: I'm usually using `netstat -an|grep 5443` (never used nmap) According to your configs jee-container.xml looks good keystore/trustsrore file/pass need to be set in red5.properties It should match your actual keystore I wouls run red5.sh from console and check what is being printed On Sun, Mar 18, 2018 at 1:52 AM, Aaron Hepp wrote: I have followed a few different guides on importing a cert into a Tomcat installation from my cert provider as well from the OM site: https://openmeetings.apache.org/RTMPSAndHTTPS.html https://helpdesk.ssls.com/hc/en-us/articles/203505171-How-to-install-a-SSL-certificate-on-a-Tomcat-server last portion you need to changed the XML file. For OM installation you need to comment out the "Tomcat without SSL enabled" via and remove them from "Tomcat with SSL enable" in /opt/om/conf/ jee-container.xml Saved all files and shutdown and restarted the red5 service. Do a NMAP and still shows OM listening on 5080 and 1935. I have gone into the OM installation and changed flash.secure = true and restarted from there and still showing the listening on those ports. server:~# nmap localhost Starting Nmap 7.01 ( https://nmap.org ) at 2018-03-17 18:36 UTC Nmap scan report for localhost (127.0.0.1) Host is up (0.27s latency). rDNS record for 127.0.0.1: localhost.localdomain Not shown: 995 closed ports PORT STATE SERVICE 22/tcp open ssh 1935/tcp open rtmp 3306/tcp open mysql 5080/tcp open onscreen /tcp open abyss Nmap done: 1 IP address (1 host up) scanned in 0.13 seconds Is there other steps that need to be taken to get it to start listening on 5443? I did notice the four entries below. Do I need to edit them with my jks file locations and the password used to create or since client auth is disabled that they are not needed? I have attached the xml file to make sure that is correct. Need to get this moved over to SSL as the last browser to still support unsecured flash is Firefox, and from what I understand that will be removed in the next revision.
Re: SSL with Ubuntu OM installation
I'm usually using `netstat -an|grep 5443` (never used nmap)
According to your configs
jee-container.xml looks good
keystore/trustsrore file/pass need to be set in red5.properties
It should match your actual keystore
I wouls run red5.sh from console and check what is being printed
On Sun, Mar 18, 2018 at 1:52 AM, Aaron Hepp wrote:
> I have followed a few different guides on importing a cert into a Tomcat
> installation from my cert provider as well from the OM site:
>
> https://openmeetings.apache.org/RTMPSAndHTTPS.html
>
> https://helpdesk.ssls.com/hc/en-us/articles/203505171-How-to-install-a-SSL-certificate-on-a-Tomcat-server
>
> last portion you need to changed the XML file. For OM installation you need
> to comment out the "Tomcat without SSL enabled" via and remove
> them from "Tomcat with SSL enable" in /opt/om/conf/ jee-container.xml
>
> Saved all files and shutdown and restarted the red5 service. Do a NMAP and
> still shows OM listening on 5080 and 1935. I have gone into the OM
> installation and changed flash.secure = true and restarted from there and
> still showing the listening on those ports.
>
> server:~# nmap localhost
>
> Starting Nmap 7.01 ( https://nmap.org ) at 2018-03-17 18:36 UTC
> Nmap scan report for localhost (127.0.0.1)
> Host is up (0.27s latency).
> rDNS record for 127.0.0.1: localhost.localdomain
> Not shown: 995 closed ports
> PORT STATE SERVICE
> 22/tcp open ssh
> 1935/tcp open rtmp
> 3306/tcp open mysql
> 5080/tcp open onscreen
> /tcp open abyss
> Nmap done: 1 IP address (1 host up) scanned in 0.13 seconds
>
> Is there other steps that need to be taken to get it to start listening on
> 5443? I did notice the four entries below. Do I need to edit them with my
> jks file locations and the password used to create or since client auth is
> disabled that they are not needed?
>
> key="keystoreFile" value="${rtmps.keystorefile}" />
> key="keystorePass" value="${rtmps.keystorepass}" />
> key="truststoreFile" value="${rtmps.truststorefile}" />
> key="truststorePass" value="${rtmps.truststorepass}" />
>
> I have attached the xml file to make sure that is correct. Need to get this
> moved over to SSL as the last browser to still support unsecured flash is
> Firefox, and from what I understand that will be removed in the next
> revision.
>
>
>
>
--
WBR
Maxim aka solomax
SSL with Ubuntu OM installation
I have followed a few different guides on importing a cert into a Tomcat
installation from my cert provider as well from the OM site:
https://openmeetings.apache.org/RTMPSAndHTTPS.html
https://helpdesk.ssls.com/hc/en-us/articles/203505171-How-to-install-a-SSL-certificate-on-a-Tomcat-server
last portion you need to changed the XML file. For OM installation you
need to comment out the "Tomcat without SSL enabled" via and
remove them from "Tomcat with SSL enable" in /opt/om/conf/ jee-container.xml
Saved all files and shutdown and restarted the red5 service. Do a NMAP
and still shows OM listening on 5080 and 1935. I have gone into the OM
installation and changed flash.secure = true and restarted from there
and still showing the listening on those ports.
server:~# nmap localhost
Starting Nmap 7.01 ( https://nmap.org ) at 2018-03-17 18:36 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.27s latency).
rDNS record for 127.0.0.1: localhost.localdomain
Not shown: 995 closed ports
PORT STATE SERVICE
22/tcp open ssh
1935/tcp open rtmp
3306/tcp open mysql
5080/tcp open onscreen
/tcp open abyss
Nmap done: 1 IP address (1 host up) scanned in 0.13 seconds
Is there other steps that need to be taken to get it to start listening
on 5443? I did notice the four entries below. Do I need to edit them
with my jks file locations and the password used to create or since
client auth is disabled that they are not needed?
key="keystoreFile" value="${rtmps.keystorefile}" />
key="keystorePass" value="${rtmps.keystorepass}" />
key="truststoreFile" value="${rtmps.truststorefile}" />
key="truststorePass" value="${rtmps.truststorepass}" />
I have attached the xml file to make sure that is correct. Need to get
this moved over to SSL as the last browser to still support unsecured
flash is Firefox, and from what I understand that will be removed in the
next revision.
http://www.springframework.org/schema/beans";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:lang="http://www.springframework.org/schema/lang";
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/lang http://www.springframework.org/schema/lang/spring-lang.xsd
">
