This is an automated email from the ASF dual-hosted git repository.

solomax pushed a commit to branch asf-site
in repository https://gitbox.apache.org/repos/asf/openmeetings-site.git


The following commit(s) were added to refs/heads/asf-site by this push:
     new 5ed0234  no jira: HTTPS 4.0.x config is added
5ed0234 is described below

commit 5ed0234160df3edca57c23f67115ffa223f407ed
Author: Maxim Solodovnik <solomax...@gmail.com>
AuthorDate: Mon Oct 26 13:47:28 2020 +0700

    no jira: HTTPS 4.0.x config is added
---
 RTMPSAndHTTPS.html | 606 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 606 insertions(+)

diff --git a/RTMPSAndHTTPS.html b/RTMPSAndHTTPS.html
new file mode 100644
index 0000000..1a0fb96
--- /dev/null
+++ b/RTMPSAndHTTPS.html
@@ -0,0 +1,606 @@
+ 
+
+
+  <!doctype html>
+<!--
+ Generated by Apache Maven Doxia  at 2020-08-22  Rendered using Reflow Maven 
Skin 2.3.0 (http://devacfr.github.io/reflow-maven-skin)
+-->
+<html  xml:lang="en" lang="en">
+        <head>
+    <meta charset="UTF-8" />
+    <title>Apache OpenMeetings Project &#x2013; Using OpenMeetings with RTMPS 
and HTTPS</title>
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <meta name="description" content="" />
+    <meta name="author" content="Apache OpenMeetings Team" />
+      <meta http-equiv="content-language" content="en" />
+                                                        <link 
href="./css/themes/cerulean/bootstrap.min.css" rel="stylesheet" />
+    <link href="./css/fontawesome/all.min.css" rel="stylesheet" />
+    <link href="./css/reflow-skin.css" rel="stylesheet" />
+    
+    <link rel="stylesheet" href="./js/styles/github.min.css" />
+
+    <link href="./css/lightbox.css" rel="stylesheet" />
+    <link href="./css/site.css" rel="stylesheet" />
+    <link href="./css/print.css" rel="stylesheet" media="print" />
+<link rel="stylesheet" href="./css/site.css"/>
+        </head> <!-- end : head -->
+<body class="page-rtmpsandhttps project-openmeetings-server anchorjs-enabled 
scrolltop-smooth-enabled m-toc-sidebar-enabled m-toc-sidebar-expanded 
m-toc-sidebar-autoexpandable toc-sidebar-fixed">
+    <nav id="m-top-navbar" class="navbar navbar-expand-lg fixed-top 
navbar-light bg-light navbar-dark bg-primary">
+<div class="container">            <a class="navbar-brand mb-0 h1" 
href="index.html">
+            <span class="color-highlight">Apache</span> OpenMeetings
+            </a>
+            <button class="navbar-toggler" type="button" 
data-toggle="collapse" data-target="#top-navbar-collapse-1" 
aria-controls="top-navbar-collapse-1" aria-expanded="false" aria-label="Toggle 
navigation">
+                <span class="navbar-toggler-icon"></span>
+            </button>
+            <div class="collapse navbar-collapse" id="top-navbar-collapse-1">
+                <ul class="nav navbar-nav ml-auto">
+                    <li class="nav-item " ><a  href="demo.html"  title="Demo"  
class="nav-link" >Demo</a></li>
+                    <li class="nav-item " ><a  href="downloads.html"  
title="Download"  class="nav-link" >Download</a></li>
+                    <li class="nav-item " ><a  
href="https://cwiki.apache.org/confluence/display/OPENMEETINGS";  title="Wiki"   
class="externalLink nav-link" >Wiki</a></li>
+                    <li class="nav-item dropdown">
+                <a href="#" class="nav-link dropdown-toggle" 
data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">General <b 
class="caret"></b></a>
+                        <div class="dropdown-menu">
+                            <a href="index.html" title="Home"  
class="dropdown-item ">Home</a>
+                            <a href="https://www.apache.org/licenses/"; 
title="License"  class="dropdown-item ">License</a>
+                            <a href="https://www.apache.org/"; title="ASF"  
class="dropdown-item ">ASF</a>
+                            <a 
href="https://www.apache.org/foundation/sponsorship"; title="Sponsorship"  
class="dropdown-item ">Sponsorship</a>
+                            <a href="https://www.apache.org/foundation/thanks"; 
title="Thanks"  class="dropdown-item ">Thanks</a>
+                            <a href="CallForLogo.html" title="Call For Logo"  
class="dropdown-item ">Call For Logo</a>
+                            <a href="NewsArchive.html" title="News archive"  
class="dropdown-item ">News archive</a>
+                            <a href="security.html" title="Security"  
class="dropdown-item ">Security</a>
+                            <a href="commercial-support.html" 
title="Commercial Support"  class="dropdown-item ">Commercial Support</a>
+                        </div>
+                    </li>
+                    <li class="nav-item dropdown">
+                <a href="#" class="nav-link dropdown-toggle" 
data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">Installation 
<b class="caret"></b></a>
+                        <div class="dropdown-menu">
+                            <a href="installation.html" title="Installation"  
class="dropdown-item ">Installation</a>
+                            <a href="Upgrade.html" title="Upgrade"  
class="dropdown-item ">Upgrade</a>
+                            <a 
href="https://cwiki.apache.org/confluence/display/OPENMEETINGS/Tutorials+for+installing+OpenMeetings+and+Tools";
 title="Tutorials"  class="dropdown-item ">Tutorials</a>
+                            <a href="CommandLineAdmin.html" title="Command 
Line Admin"  class="dropdown-item ">Command Line Admin</a>
+                        </div>
+                    </li>
+                    <li class="nav-item dropdown">
+                <a href="#" class="nav-link dropdown-toggle" 
data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">Community <b 
class="caret"></b></a>
+                        <div class="dropdown-menu">
+                            <a href="get-involved.html" title="Get Involved"  
class="dropdown-item ">Get Involved</a>
+                            <a href="team.html" title="Committers"  
class="dropdown-item ">Committers</a>
+                            <a href="OurUsers.html" title="Our Users"  
class="dropdown-item ">Our Users</a>
+                            <a href="mailing-lists.html" title="Mailing Lists" 
 class="dropdown-item ">Mailing Lists</a>
+                            <a 
href="https://cwiki.apache.org/confluence/display/OPENMEETINGS/"; title="Wiki"  
class="dropdown-item ">Wiki</a>
+                        </div>
+                    </li>
+                    <li class="nav-item dropdown active">
+                <a href="#" class="nav-link dropdown-toggle" 
data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">Configuration 
<b class="caret"></b></a>
+                        <div class="dropdown-menu">
+                            <div class="dropdown-submenu">
+                                <a  href="RTMPSAndHTTPS.html#integration"  
title="Integration"  class="dropdown-item" >Integration</a>                     
           <div class="dropdown-menu">
+                                    <a 
href="openmeetings-webservice/apidocs/index.html" title="SOAP/REST API" 
target="_blank" class="dropdown-item ">SOAP/REST API</a>
+                                    <a href="RestAPISample.html" title="REST 
API Sample"  class="dropdown-item ">REST API Sample</a>
+                                    <a href="LdapAndADS.html" title="Ldap and 
ADS"  class="dropdown-item ">Ldap and ADS</a>
+                                    <a href="oauth2.html" title="OAuth2"  
class="dropdown-item ">OAuth2</a>
+                                    <a href="voip-sip-integration.html" 
title="VoIP and SIP"  class="dropdown-item ">VoIP and SIP</a>
+                                    <a href="errorvalues.html" title="Errors 
table"  class="dropdown-item ">Errors table</a>
+                                    <a href="CalDAVandGCal.html" title="CalDAV 
and Google Calendar integration"  class="dropdown-item ">CalDAV and Google 
Calendar integration</a>
+                                    <a href="ExternalVideo.html" 
title="External Video/Camera"  class="dropdown-item ">External Video/Camera</a>
+                                </div>
+                            </div>
+                            <div class="dropdown-submenu">
+                                <a  href="RTMPSAndHTTPS.html#plugins"  
title="Plugins"  class="dropdown-item" >Plugins</a>                             
   <div class="dropdown-menu">
+                                    <a href="MoodlePlugin.html" title="Moodle 
Plugin"  class="dropdown-item ">Moodle Plugin</a>
+                                    <a href="SakaiPlugin.html" title="Sakai 
Plugin"  class="dropdown-item ">Sakai Plugin</a>
+                                    <a href="JiraPlugin.html" title="Jira 
Plugin"  class="dropdown-item ">Jira Plugin</a>
+                                    <a href="JoomlaPlugin.html" title="Joomla 
Plugin"  class="dropdown-item ">Joomla Plugin</a>
+                                    <a href="DrupalPlugin.html" title="Drupal 
Plugin"  class="dropdown-item ">Drupal Plugin</a>
+                                    <a href="BitrixPlugin.html" title="Bitrix 
Plugin"  class="dropdown-item ">Bitrix Plugin</a>
+                                    <a href="ConfluencePlugin.html" 
title="Confluence Plugin"  class="dropdown-item ">Confluence Plugin</a>
+                                    <a href="SugarCRMPlugin.html" 
title="SugarCRM Plugin"  class="dropdown-item ">SugarCRM Plugin</a>
+                                    <a href="RedminePlugin.html" 
title="Redmine Plugin"  class="dropdown-item ">Redmine Plugin</a>
+                                </div>
+                            </div>
+                            <div class="dropdown-submenu">
+                                <a  href="RTMPSAndHTTPS.html#db"  title="DB 
Sample Configurations"  class="dropdown-item" >DB Sample Configurations</a>     
                           <div class="dropdown-menu">
+                                    <a href="ApacheDerbyConfig.html" 
title="Apache Derby"  class="dropdown-item ">Apache Derby</a>
+                                    <a href="IBMDB2Config.html" title="IBM 
DB2"  class="dropdown-item ">IBM DB2</a>
+                                    <a href="OracleConfig.html" title="Oracle" 
 class="dropdown-item ">Oracle</a>
+                                    <a href="MySQLConfig.html" title="MySQL"  
class="dropdown-item ">MySQL</a>
+                                    <a href="PostgresConfig.html" 
title="Postgres"  class="dropdown-item ">Postgres</a>
+                                    <a href="MSSQLConfig.html" title="MSSQL"  
class="dropdown-item ">MSSQL</a>
+                                </div>
+                            </div>
+                            <div class="dropdown-submenu">
+                                <a  href="RTMPSAndHTTPS.html#localization"  
title="Localization and languages"  class="dropdown-item" >Localization and 
languages</a>                                <div class="dropdown-menu">
+                                    <a href="Internationalisation.html" 
title="Internationalisation"  class="dropdown-item ">Internationalisation</a>
+                                    <a href="LanguageEditor.html" 
title="LanguageEditor"  class="dropdown-item ">LanguageEditor</a>
+                                    <a href="TimeZoneHandling.html" 
title="TimeZoneHandling"  class="dropdown-item ">TimeZoneHandling</a>
+                                    <a href="EditTemplates.html" 
title="EditTemplates"  class="dropdown-item ">EditTemplates</a>
+                                </div>
+                            </div>
+                            <div class="dropdown-submenu">
+                                <a  href="RTMPSAndHTTPS.html#port"  title="NAT 
Port Settings"  class="dropdown-item" >NAT Port Settings</a>                    
            <div class="dropdown-menu">
+                                    <a href="PortSettings.html" title="Port 
settings"  class="dropdown-item ">Port settings</a>
+                                </div>
+                            </div>
+                            <div class="dropdown-submenu">
+                                <a  href="RTMPSAndHTTPS.html#performance"  
title="Performance"  class="dropdown-item" >Performance</a>                     
           <div class="dropdown-menu">
+                                    <a href="JVMPerformanceTuning.html" 
title="JVM performance tuning"  class="dropdown-item ">JVM performance 
tuning</a>
+                                    <a href="NetworkCalculator.html" 
title="Network bandwidth calculator"  class="dropdown-item ">Network bandwidth 
calculator</a>
+                                </div>
+                            </div>
+                            <div class="dropdown-submenu">
+                                <a  href="RTMPSAndHTTPS.html#interface"  
title="User Interface"  class="dropdown-item" >User Interface</a>               
                 <div class="dropdown-menu">
+                                    <a href="themes-and-branding.html" 
title="Themes"  class="dropdown-item ">Themes</a>
+                                    <a href="Dashboard.html" title="Dashboard" 
 class="dropdown-item ">Dashboard</a>
+                                    <a href="WebcamResolutions.html" 
title="Webcam resolutions"  class="dropdown-item ">Webcam resolutions</a>
+                                    <a href="ConferenceRoomLayoutOptions.html" 
title="Room layout options"  class="dropdown-item ">Room layout options</a>
+                                    <a href="HotKeys.html" title="Hot Keys"  
class="dropdown-item ">Hot Keys</a>
+                                </div>
+                            </div>
+                            <div class="dropdown-submenu">
+                                <a  href="RTMPSAndHTTPS.html#customize"  
title="Customization"  class="dropdown-item" >Customization</a>                 
               <div class="dropdown-menu">
+                                    <a href="WebappNamePath.html" 
title="Webapp name/path"  class="dropdown-item ">Webapp name/path</a>
+                                    <a href="Navigation.html" 
title="Navigation"  class="dropdown-item ">Navigation</a>
+                                    <a href="CalendarAndTimezone.html" 
title="Calendar and timezone"  class="dropdown-item ">Calendar and timezone</a>
+                                    <a href="CustomRoomTypeHowTo.html" 
title="Custom room type"  class="dropdown-item ">Custom room type</a>
+                                    <a href="CustomCryptMechanism.html" 
title="Custom crypt mechanism"  class="dropdown-item ">Custom crypt 
mechanism</a>
+                                    <a href="GeneralConfiguration.html" 
title="General Configuration"  class="dropdown-item ">General Configuration</a>
+                                    <a href="PrivacyStatement.html" 
title="Privacy Statement"  class="dropdown-item ">Privacy Statement</a>
+                                </div>
+                            </div>
+                            <div class="dropdown-submenu">
+                                <a  href="RTMPSAndHTTPS.html#security"  
title="Security"  class="dropdown-item active" >Security</a>                    
            <div class="dropdown-menu">
+                                    <a href="RestrictedAccess.html" 
title="Restricted Access"  class="dropdown-item ">Restricted Access</a>
+                                    <a href="" title="RTMPS and HTTPS"  
class="dropdown-item active">RTMPS and HTTPS</a>
+                                </div>
+                            </div>
+                            <div class="dropdown-submenu">
+                                <a  href="RTMPSAndHTTPS.html#convert"  
title="Converters"  class="dropdown-item" >Converters</a>                       
         <div class="dropdown-menu">
+                                    <a href="OpenOfficeConverter.html" 
title="OpenOffice Converter"  class="dropdown-item ">OpenOffice Converter</a>
+                                </div>
+                            </div>
+                            <div class="dropdown-submenu">
+                                <a  href="RTMPSAndHTTPS.html#cluster"  
title="Clustering"  class="dropdown-item" >Clustering</a>                       
         <div class="dropdown-menu">
+                                    <a href="Clustering.html" 
title="Clustering"  class="dropdown-item ">Clustering</a>
+                                </div>
+                            </div>
+                            <div class="dropdown-submenu">
+                                <a  href="RTMPSAndHTTPS.html#misc"  
title="Misc"  class="dropdown-item" >Misc</a>                                
<div class="dropdown-menu">
+                                    <a href="GetVersionInfo.html" title="Get 
version info"  class="dropdown-item ">Get version info</a>
+                                </div>
+                            </div>
+                        </div>
+                    </li>
+                    <li class="nav-item dropdown">
+                <a href="#" class="nav-link dropdown-toggle" 
data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">Development 
<b class="caret"></b></a>
+                        <div class="dropdown-menu">
+                            <a href="scm.html" title="Source Code"  
class="dropdown-item ">Source Code</a>
+                            <a href="issue-management.html" title="Bugs / 
Issues"  class="dropdown-item ">Bugs / Issues</a>
+                            <a href="dependencies.html" title="Dependencies"  
class="dropdown-item ">Dependencies</a>
+                            <a href="integration.html" title="Continuous 
Integration"  class="dropdown-item ">Continuous Integration</a>
+                            <a href="BuildInstructions.html" title="Build 
Instructions"  class="dropdown-item ">Build Instructions</a>
+                            <a href="JUnitTesting.html" title="JUnit Testing"  
class="dropdown-item ">JUnit Testing</a>
+                            <a href="ManualTesting.html" title="Manual 
Testing"  class="dropdown-item ">Manual Testing</a>
+                            <a href="ReleaseGuide.html" title="Release Guide"  
class="dropdown-item ">Release Guide</a>
+                            <a href="WebsiteGuide.html" title="Website Guide"  
class="dropdown-item ">Website Guide</a>
+                        </div>
+                    </li>
+                </ul><!--/ul.navbar-nav -->
+            </div><!--/.nav-collapse -->
+</div> <!--/.container -->    </nav> <!--/.navbar -->
+    <div class="main-body">
+    <div class="header " role="main">
+        <div class="container container-fluid">
+      <div class="jumbotron header--jumbotron ">
+        <div id="banner" class="row header--banner">
+          <div class="col-md-12">
+            <div class="float-left header--banner--left bannerLeft">
+                    <a href="index.html">
+            <img class="float-left m-2 img-fluid" src="images/logo.png"  />
+            <h1>Apache OpenMeetings</h1>
+            </a>
+            </div>
+            <div class="float-right header--banner--right bannerRight">
+                    <a href="https://apache.org";>
+            <img class="float-left m-2 img-fluid" 
src="https://apache.org/img/asf_logo.png";  />
+            <h1>Apache</h1>
+            </a>
+            </div>
+          </div>
+        </div>
+      </div>
+        </div>
+    </div> <!-- end : header -->
+    <div class="row mt-5">
+        <div class="d-xs-none d-sm-none d-md-none d-lg-block col-lg-2">
+        </div>
+        <main class="col-xs-12 col-sm-12 col-md-12 col-lg-12 col-xl-8" 
role="main">
+    <nav aria-label="breadcrumb">
+        <ol class="breadcrumb">
+            <li class="publishDate version-date">    Last Published: 
2020-08-22</li>
+        </ol>
+    </nav>
+                    <section> 
+ <div class="page-header">
+  <h2 id="using-openmeetings-with-rtmps-and-https">Using OpenMeetings with 
RTMPS and HTTPS</h2>
+ </div> 
+ <p>There are 3 ways the client communicates with the server: </p> 
+ <ul> 
+  <li>The flash-client uses RTMP protocol to transfer Audio/Video and to send 
and receive the user data (login et cetera) to the server and back </li> 
+  <li>The browser uses HTTP protocol to load the SWF and to upload and 
download the files (documents, pdfs, images) to the server and back. </li> 
+  <li>The screensharing client uses RTMP protocol to transfer screen data and 
remote control to the server and back </li> 
+ </ul> 
+</section> 
+<section> 
+ <h2 id="real-certificate">'Real' certificate</h2> 
+ <section> 
+  <h3 id="prerequisites1">Prerequisites</h3> 
+  <ul> 
+   <li>You need OpenMeetings 1.9.x or later for this, OpenMeetings 1.8.x does 
not have those options.</li> 
+   <li>Install OpenMeetings according to the install instructions and check 
that it runs without problems</li> 
+   <li>Rename the existing keystore file <code>red5/conf/keystore.jmx</code> 
to <code>red5/conf/keystore.bak</code></li> 
+   <li>Rename the existing truststore file 
<code>red5/conf/truststore.jmx</code> to 
<code>red5/conf/truststore.bak</code></li> 
+  </ul> 
+ </section> 
+ <section> 
+  <h3 id="create-keystore-from-the-scratch">Create Keystore from the 
scratch</h3> 
+  <ol style="list-style-type: decimal"> 
+   <li> Create a new keystore and key, use the same password for both:<br> 
<br> 
+    <div class="source"> 
+     <pre>keytool -keysize 2048 -genkey -alias red5 -keyalg RSA -keystore 
red5/conf/keystore.jks
+Enter keystore password:
+Re-enter new password:
+What is your first and last name?
+[Unknown]:  &lt;your hostname, e.g demo.openmeetings.de&gt;
+What is the name of your organizational unit?
+[Unknown]:  Dev
+What is the name of your organization?
+[Unknown]:  OpenMeetings
+What is the name of your City or Locality?
+[Unknown]:  Henderson
+What is the name of your State or Province?
+[Unknown]:  Nevada
+What is the two-letter country code for this unit?
+[Unknown]:  US
+Is CN=demo.openmeetings.de, OU=Dev, O=OpenMeetings, L=Henderson, ST=Nevada, 
C=US correct?
+[no]:  yes
+Enter key password for &lt;red5&gt;
+</pre> 
+    </div> </li> 
+   <li>Generate a CSR: 
+    <div class="source"> 
+     <pre>keytool -certreq -keyalg RSA -alias red5 -file red5.csr -keystore 
red5/conf/keystore.jks</pre> 
+    </div> </li> 
+   <li>Submit CSR to your CA of choice and receive a signed certificate </li> 
+   <li>Import your chosen CA's root certificate into the keystore (may need to 
download it from their site - make sure to get the root CA and not the 
intermediate one): 
+    <div class="source"> 
+     <pre>keytool -import -alias root -keystore red5/conf/keystore.jks 
-trustcacerts -file root.crt</pre> 
+    </div> (note: you may receive a warning that the certificate already 
exists in the system wide keystore - import anyway) </li> 
+   <li>Import the intermediate certificate(s) you normally receive with the 
certificate: 
+    <div class="source"> 
+     <pre>keytool -import -alias intermed -keystore red5/conf/keystore.jks 
-trustcacerts -file intermediate.crt</pre> 
+    </div> </li> 
+   <li>Import the certificate you received: 
+    <div class="source"> 
+     <pre>keytool -import -alias red5 -keystore red5/conf/keystore.jks 
-trustcacerts -file demo.openmeetings.de.crt</pre> 
+    </div> </li> 
+   <li>Please NOTE according to this <a class="externalLink" 
href="http://javarevisited.blogspot.com/2012/09/difference-between-truststore-vs-keyStore-Java-SSL.html";>http://javarevisited.blogspot.com/2012/09/difference-between-truststore-vs-keyStore-Java-SSL.html</a>
 guide you can split keystore and truststore (OPTIONAL you might just copy 
keystore to truststore) </li> 
+   <li>Create additional certificate as described above. Add this certificate 
to the following keystores: <code>red5/conf/keystore.screen</code> and 
<code>red5/conf/keystore.jks</code>. (This step is required to be able to use 
screen-sharing web application, you can copy "main" keystore while testing) 
</li> 
+  </ol> 
+ </section> 
+ <section> 
+  <h3 id="create-keystore-using-existing-key-pair">Create Keystore using 
existing key-pair</h3> 
+  <section> 
+   <h4 id="prerequisites2">Prerequisites</h4> 
+   <ul> 
+    <li>Server key: red5.key</li> 
+    <li>Signed CSR: red5.crt</li> 
+    <li>CA's root certificate: root.crt</li> 
+    <li>** Intermediate certificate(s): intermedXX.crt</li> 
+   </ul> 
+  </section> 
+  <section> 
+   <h4 id="steps1">Steps</h4> 
+   <ol style="list-style-type: decimal"> 
+    <li> Export existing keys into PKCS12 format:<br> <br> 
+     <div class="source"> 
+      <pre>openssl pkcs12 -export -in red5.crt -inkey red5.key -out red5.p12 
-name red5 -certfile root.crt -certfile intermedXX.crt
+
+Enter Export Password: password
+Verifying - Enter Export Password: password
+</pre> 
+     </div> </li> 
+    <li>Import resulting red5.p12 into keystore: 
+     <div class="source"> 
+      <pre>keytool -importkeystore -srcstorepass password -srckeystore 
red5.p12 -srcstoretype PKCS12 -deststorepass password -destkeystore 
red5/conf/keystore.jks -alias red5
+</pre> 
+     </div> </li> 
+    <li>Import your chosen CA's root certificate into the keystore (may need 
to download it from their site - make sure to get the root CA and not the 
intermediate one): 
+     <div class="source"> 
+      <pre>keytool -import -alias root -keystore red5/conf/keystore.jks 
-trustcacerts -file root.crt</pre> 
+     </div> (note: you may receive a warning that the certificate already 
exists in the system wide keystore - import anyway) </li> 
+    <li>Import the intermediate certificate(s) you normally receive with the 
certificate: 
+     <div class="source"> 
+      <pre>keytool -import -alias intermed -keystore red5/conf/keystore.jks 
-trustcacerts -file intermedXX.crt</pre> 
+     </div> </li> 
+    <li>Please NOTE according to this <a class="externalLink" 
href="http://javarevisited.blogspot.com/2012/09/difference-between-truststore-vs-keyStore-Java-SSL.html";>http://javarevisited.blogspot.com/2012/09/difference-between-truststore-vs-keyStore-Java-SSL.html</a>
 guide you can split keystore and truststore (OPTIONAL you might just copy 
keystore to truststore) </li> 
+    <li>Create additional certificate as described above. Add this certificate 
to the following keystores: <code>red5/conf/keystore.screen</code> and 
<code>red5/conf/keystore.jks</code>. (This step is required to be able to use 
screen-sharing web application, you can copy "main" keystore while testing) 
</li> 
+   </ol> 
+  </section> 
+ </section> 
+</section> 
+<section> 
+ <h2 id="self-signed-certificate">Self-signed certificate</h2> 
+ <section> 
+  <h3 id="prerequisites3">Prerequisites</h3> 
+  <ul> 
+   <li>Create CA's root certificate: ca.crt</li> 
+   <li>Create self-signed server certificate: red5.crt <code>Common Name (CN) 
while creating certificate should be assign to FQDN of your site, for example - 
vkc.company.com</code></li> 
+   <li>Rename the existing keystore file <code>red5/conf/keystore.jmx</code> 
to <code>red5/conf/keystore.bak</code></li> 
+   <li>Rename the existing truststore file 
<code>red5/conf/truststore.jmx</code> to 
<code>red5/conf/truststore.bak</code></li> 
+  </ul> 
+ </section> 
+ <section> 
+  <h3 id="steps-for-om-server">Steps for OM server</h3> 
+  <ol style="list-style-type: decimal"> 
+   <li>Export existing keys into PKCS12 format: 
+    <div class="source"> 
+     <pre>cd _folder_with_certificates_
+openssl pkcs12 -export -in red5.crt -inkey red5.key -out red5.p12 -name red5 
-certfile ca.crt
+</pre> 
+    </div> </li> 
+   <li>Import resulting red5.p12 into keystore: 
+    <div class="source"> 
+     <pre>keytool -importkeystore -srcstorepass changeit -srckeystore red5.p12 
-srcstoretype PKCS12 -deststorepass changeit -destkeystore 
/opt/red5/conf/keystore.jks -alias red5
+</pre> 
+    </div> This command creates the keystore.jks with password changeit (may 
be any password) </li> 
+   <li>Import your CA's root certificate into the keystore: 
+    <div class="source"> 
+     <pre>keytool -import -alias root -keystore /opt/red5/conf/keystore.jks 
-keystorepass changeit -trustcacerts -file ca.crt
+</pre> 
+    </div> </li> 
+   <li>copy keystore to truststore 
+    <div class="source"> 
+     <pre>cp /opt/red5/conf/keystore.jks /opt/red5/conf/truststore.jks
+</pre> 
+    </div> </li> 
+   <li>Change passwords in /opt/red5/conf/red5.properties 
+    <div class="source"> 
+     <pre>rtmps.keystorepass=changeit
+rtmps.truststorepass=changeit
+jmx.keystorepass=changeit
+</pre> 
+    </div> </li> 
+   <li>Set up SSL according <a href="#SSL_for_the_web_interface" title="SSL 
for the web interface">SSL for the web interface</a> section.</li> 
+   <li>Set up RTMPS according <a href="#Tunneling_RTMPS" title="Tunneling 
RTMPS">Tunneling RTMPS</a> or <a href="#Native_RTMPS" title="Native 
RTMPS">Native RTMPS</a> sections.</li> 
+   <li>Restart OM service or whole OM server. Now OM server is ready to accept 
SSL-connections.</li> 
+  </ol> 
+ </section> 
+ <section> 
+  <h3 id="steps-for-client-machines">Steps for client machines</h3> 
+  <p>Windows specific steps are marked with (**)</p> 
+  <ol style="list-style-type: decimal"> 
+   <li>(**)Add the ca.crt certificate as trusted into the CA's list on all 
windows PC at the system level (certmgr.msc applet)</li> 
+   <li>Add the ca.crt certificate as trusted into Chrome/Firefox if it 
used</li> 
+   <li> Add the ca.crt certificate into ${JAVA_HOME}/lib/security/cacerts with 
keytool utility on a PC that organizes screensharing <p> (**) <br> For example, 
Java Version 8 Update 144 has been installed on Windows machine by default 
location path.<br> Copy ca.crt to a folder : c:\ca.crt<br> Start command line 
interface as administrator:<br> runas /user:AdminAccount cmd.exe<br> Enter 
admin password<br> Enter to bin directory of java:<br> cd "c:\Program 
Files\Java\jre1.8.0_144\bin"<br> Im [...]
+  </ol> 
+ </section> 
+</section> 
+<section> 
+ <h2 id="ssl-for-the-web-interface">SSL for the web interface</h2> 
+ <p>Please perform following steps if you want to use SSL for the web 
interface. This is mainly to secure the server against MITM attacks, 
additionally some other features like file uploads also use a plain HTTP 
connection if this is not done. The following instructions assume that you have 
already set up RTMPS successfully. </p> 
+ <ol style="list-style-type: decimal"> 
+  <li> Edit <code>red5/conf/jee-container.xml</code> file:<br> Comment 
<code>Tomcat without SSL enabled</code> section<br> UNComment <code>Tomcat with 
SSL enabled</code> section </li> 
+  <li> Restart red5 and try to connect to <u>https://your.server:5443</u> - 
you should be redirected to the OpenMeetings app and all access should be via 
HTTPS and/or RTMPS (close port 5080 to be sure). </li> 
+ </ol> 
+</section> 
+<section> 
+ <h2 id="set-up-rtmps">Set up RTMPS</h2> 
+ <section> 
+  <h3 id="tunneling-rtmps">Tunneling RTMPS</h3> 
+  <ol style="list-style-type: decimal"> 
+   <li>HTTPS need to be enabled otherwise tunneling will not work (it can be 
set up using frontend nginx/apache as well)</li> 
+   <li> In Administration-&gt;Configuration set<br> <br> 
+    <div class="source"> 
+     <pre>                                     flash.secure = true
+                                       flash.secure.proxy = none
+</pre> 
+    </div> </li> 
+   <li>Restart red5 and try to connect - your connection should now be made 
via RTMPS (close port 1935 to be sure) </li> 
+  </ol> 
+ </section> 
+ <section> 
+  <h3 id="native-rtmps">Native RTMPS</h3> 
+  <ol style="list-style-type: decimal"> 
+   <li> Default RTMPS port is 8443, you can change it by editing 
<code>red5/conf/red5.properties</code> and change the port here: 
<code>rtmps.port=8443</code><br> Please set 
<code>rtmps.keystorepass=password</code> and 
<code>rtmps.truststorepass=password</code> (password = password you set on your 
new keystore(s))<br> Additionally you need to set 
<code>rtmps.screen.keystorepass=screenpassword</code> (screenpassword = 
password you set on your keystore for screen-sharing application) </li> 
+   <li> Edit <code>red5/conf/red5-core.xml</code> file:<br> UNComment 
<code>RTMPS</code> section </li> 
+   <li> In Administration-&gt;Configuration set<br> <br> 
+    <div class="source"> 
+     <pre>                                     flash.secure = true
+                                       flash.secure.proxy = best
+</pre> 
+    </div> </li> 
+   <li>Restart red5 and try to connect - your connection should now be made 
via RTMPS (close port 1935 to be sure) </li> 
+  </ol> 
+ </section> 
+</section> 
+<section> 
+ <h2 id="setting-up-different-set-of-allowed-cithers">Setting up different set 
of allowed cithers</h2> 
+ <div>
+   In case you would like to specify different set of allowed cithers you need 
to 
+  <ol style="list-style-type: decimal"> 
+   <li>Open <code>conf/jee-container.xml</code> using your favorite text 
editor</li> 
+   <li>Go to <code>"Tomcat with SSL enabled" -&gt; "tomcat.server" -&gt; 
"connectors" -&gt; "httpsConnector" -&gt; "connectionProperties"</code></li> 
+   <li> Add following entry 
+    <div class="source"> 
+     <pre>&lt;entry key="ciphers" 
value="TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_SHA256,TLS_ECDHE_RSA_WITH_AES_128_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_SHA,TLS_ECDHE_RSA_WITH_AES_256_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_SHA384,TLS_ECDHE_RSA_WITH_AES_256_SHA,TLS_ECDHE_ECDSA_WITH_AES
 [...]
+    </div> </li> 
+  </ol> Please check 
+  <a class="externalLink" 
href="https://issues.apache.org/jira/browse/OPENMEETINGS-1969?focusedCommentId=16721099&amp;page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-16721099";>this
 JIRA issue</a> for more information 
+ </div> 
+</section> 
+<section> 
+ <h2 id="credits1">Credits</h2> 
+ <p>Thanks to Nexus, Holger Rabbach and Yakovlev Nick for their help and 
contribution to configuration and documentation! </p> 
+</section>        </main>
+        <div class="d-none d-sm-none d-md-none d-lg-none d-xl-block col-xl-2">
+            <div id="m-toc-sidebar" class="d-print-none m-toc-sidebar-enabled 
m-toc-sidebar-expanded m-toc-sidebar-autoexpandable toc-sidebar-fixed">
+                <nav id="m-toc-sidebar-nav flex-column">
+                <ul class="m-nav--sidebar nav flex-column flex-nowrap">
+    <li class="h2">
+        <a class="nav-link" href="#using-openmeetings-with-rtmps-and-https" 
title="Using OpenMeetings with RTMPS and HTTPS">Using OpenMeetings with RTMPS 
and HTTPS</a>
+    </li>
+        <li class="h2">
+        <a class="nav-link" href="#real-certificate" title="'Real' 
certificate">'Real' certificate</a>
+    </li>
+    <ul class="nav flex-column flex-nowrap nav-collapsible">
+            <li class="h3">
+        <a class="nav-link" href="#prerequisites1" 
title="Prerequisites">Prerequisites</a>
+    </li>
+    <li class="h3">
+        <a class="nav-link" href="#create-keystore-from-the-scratch" 
title="Create Keystore from the scratch">Create Keystore from the scratch</a>
+    </li>
+    <li class="h3">
+        <a class="nav-link" href="#create-keystore-using-existing-key-pair" 
title="Create Keystore using existing key-pair">Create Keystore using existing 
key-pair</a>
+    </li>
+    <ul class="nav flex-column flex-nowrap nav-collapsible">
+            <li class="h4">
+        <a class="nav-link" href="#prerequisites2" 
title="Prerequisites">Prerequisites</a>
+    </li>
+    <li class="h4">
+        <a class="nav-link" href="#steps1" title="Steps">Steps</a>
+    </li>
+    </ul>
+    </ul>
+        <li class="h2">
+        <a class="nav-link" href="#self-signed-certificate" title="Self-signed 
certificate">Self-signed certificate</a>
+    </li>
+    <ul class="nav flex-column flex-nowrap nav-collapsible">
+            <li class="h3">
+        <a class="nav-link" href="#prerequisites3" 
title="Prerequisites">Prerequisites</a>
+    </li>
+    <li class="h3">
+        <a class="nav-link" href="#steps-for-om-server" title="Steps for OM 
server">Steps for OM server</a>
+    </li>
+    <li class="h3">
+        <a class="nav-link" href="#steps-for-client-machines" title="Steps for 
client machines">Steps for client machines</a>
+    </li>
+    </ul>
+        <li class="h2">
+        <a class="nav-link" href="#ssl-for-the-web-interface" title="SSL for 
the web interface">SSL for the web interface</a>
+    </li>
+        <li class="h2">
+        <a class="nav-link" href="#set-up-rtmps" title="Set up RTMPS">Set up 
RTMPS</a>
+    </li>
+    <ul class="nav flex-column flex-nowrap nav-collapsible">
+            <li class="h3">
+        <a class="nav-link" href="#tunneling-rtmps" title="Tunneling 
RTMPS">Tunneling RTMPS</a>
+    </li>
+    <li class="h3">
+        <a class="nav-link" href="#native-rtmps" title="Native RTMPS">Native 
RTMPS</a>
+    </li>
+    </ul>
+        <li class="h2">
+        <a class="nav-link" 
href="#setting-up-different-set-of-allowed-cithers" title="Setting up different 
set of allowed cithers">Setting up different set of allowed cithers</a>
+    </li>
+        <li class="h2">
+        <a class="nav-link" href="#credits1" title="Credits">Credits</a>
+    </li>
+                    </ul>
+                </nav>
+           </div>
+        </div>
+    </div> <!-- row: end -->
+</div> <!-- .main-body: end -->
+    <div id="m_scrolltop" class="m-scrolltop">
+               <i class="fa fa-arrow-up"></i>
+    </div>
+  <!-- Footer -->
+<footer class="footer-light bg-light">
+    <div class="container">
+        <div class="row">
+                        <div class="col bottom-nav">
+                <ul class="nav flex-column nav-list">
+                    <li class="nav-header">
+General
+                    </li>
+                    <li class="nav-item "><a  href="index.html"  title="Home"  
class="nav-link" >Home</a></li>
+                    <li class="nav-item "><a  
href="https://www.apache.org/licenses/";  title="License"   class="externalLink 
nav-link" >License</a></li>
+                    <li class="nav-item "><a  href="https://www.apache.org/";  
title="ASF"   class="externalLink nav-link" >ASF</a></li>
+                    <li class="nav-item "><a  
href="https://www.apache.org/foundation/sponsorship";  title="Sponsorship"   
class="externalLink nav-link" >Sponsorship</a></li>
+                    <li class="nav-item "><a  
href="https://www.apache.org/foundation/thanks";  title="Thanks"   
class="externalLink nav-link" >Thanks</a></li>
+                    <li class="nav-item "><a  href="CallForLogo.html"  
title="Call For Logo"  class="nav-link" >Call For Logo</a></li>
+                    <li class="nav-item "><a  href="NewsArchive.html"  
title="News archive"  class="nav-link" >News archive</a></li>
+                    <li class="nav-item "><a  href="security.html"  
title="Security"  class="nav-link" >Security</a></li>
+                    <li class="nav-item "><a  href="commercial-support.html"  
title="Commercial Support"  class="nav-link" >Commercial Support</a></li>
+                </ul>
+            </div>
+            <div class="col bottom-nav">
+                <ul class="nav flex-column nav-list">
+                    <li class="nav-header">
+Installation
+                    </li>
+                    <li class="nav-item "><a  href="installation.html"  
title="Installation"  class="nav-link" >Installation</a></li>
+                    <li class="nav-item "><a  href="Upgrade.html"  
title="Upgrade"  class="nav-link" >Upgrade</a></li>
+                    <li class="nav-item "><a  
href="https://cwiki.apache.org/confluence/display/OPENMEETINGS/Tutorials+for+installing+OpenMeetings+and+Tools";
  title="Tutorials"   class="externalLink nav-link" >Tutorials</a></li>
+                    <li class="nav-item "><a  href="CommandLineAdmin.html"  
title="Command Line Admin"  class="nav-link" >Command Line Admin</a></li>
+                </ul>
+            </div>
+            <div class="col bottom-nav">
+                <ul class="nav flex-column nav-list">
+                    <li class="nav-header">
+Community
+                    </li>
+                    <li class="nav-item "><a  href="get-involved.html"  
title="Get Involved"  class="nav-link" >Get Involved</a></li>
+                    <li class="nav-item "><a  href="team.html"  
title="Committers"  class="nav-link" >Committers</a></li>
+                    <li class="nav-item "><a  href="OurUsers.html"  title="Our 
Users"  class="nav-link" >Our Users</a></li>
+                    <li class="nav-item "><a  href="mailing-lists.html"  
title="Mailing Lists"  class="nav-link" >Mailing Lists</a></li>
+                    <li class="nav-item "><a  
href="https://cwiki.apache.org/confluence/display/OPENMEETINGS/";  title="Wiki"  
 class="externalLink nav-link" >Wiki</a></li>
+                </ul>
+            </div>
+            <div class="col bottom-nav">
+                <ul class="nav flex-column nav-list">
+                    <li class="nav-header">
+Development
+                    </li>
+                    <li class="nav-item "><a  href="scm.html"  title="Source 
Code"  class="nav-link" >Source Code</a></li>
+                    <li class="nav-item "><a  href="issue-management.html"  
title="Bugs / Issues"  class="nav-link" >Bugs / Issues</a></li>
+                    <li class="nav-item "><a  href="dependencies.html"  
title="Dependencies"  class="nav-link" >Dependencies</a></li>
+                    <li class="nav-item "><a  href="integration.html"  
title="Continuous Integration"  class="nav-link" >Continuous 
Integration</a></li>
+                    <li class="nav-item "><a  href="BuildInstructions.html"  
title="Build Instructions"  class="nav-link" >Build Instructions</a></li>
+                    <li class="nav-item "><a  href="JUnitTesting.html"  
title="JUnit Testing"  class="nav-link" >JUnit Testing</a></li>
+                    <li class="nav-item "><a  href="ManualTesting.html"  
title="Manual Testing"  class="nav-link" >Manual Testing</a></li>
+                    <li class="nav-item "><a  href="ReleaseGuide.html"  
title="Release Guide"  class="nav-link" >Release Guide</a></li>
+                    <li class="nav-item "><a  href="WebsiteGuide.html"  
title="Website Guide"  class="nav-link" >Website Guide</a></li>
+                </ul>
+            </div>
+        </div> <!-- END: .row -->
+    </div> <!-- END: .container -->
+</footer>
+  <div class="container subfooter text-center">
+    <div class="row">
+      <div class="col-md-12">
+        <p class="copyright">Copyright &copy;2012-2020
+                 <a href="https://apache.org";>Apache Software Foundation</a>
+. All Rights Reserved.</p>
+      </div>
+    </div>
+  </div>
+
+  <!-- Le javascript
+  ================================================== -->
+  <!-- Placed at the end of the document so the pages load faster -->
+    <script src="./js/jquery.min.js" crossorigin="anonymous"></script>
+    <script src="./js/popper.min.js" crossorigin="anonymous"></script>
+    <script src="./js/bootstrap.min.js" crossorigin="anonymous"></script>
+
+  <script src="./js/lightbox.min.js" crossorigin="anonymous"></script>
+               <script src="./js/highlight.min.js" 
crossorigin="anonymous"></script>
+                    
+<script src="./js/site.js" type="text/javascript"></script>        
+<script src="./js/jquery-ui.min.js" type="text/javascript"></script>        
+<script src="./js/netcalc.js" type="text/javascript"></script>        
+<p class="text-center">Apache OpenMeetings, OpenMeetings, Apache, the Apache 
feather, and the Apache OpenMeetings project logo</p>        
+<p class="text-center">are trademarks of the Apache Software Foundation.</p>  
<script src="./js/reflow-skin.js" crossorigin="anonymous"></script>
+    <script src="./js/anchor.min.js" crossorigin="anonymous"></script>
+    </body>
+</html>

Reply via email to