Hello Nik,

I'm trying to answer all emails, sorry if I missed yours :(
To make self-signed certificate work with red5 you MUST
1) add certificate to trusted certs of Java
2) add certificate to trusted certs of browser (icon should be green)
3) correctly create red5 keystore/truststore

to provide thurther help I need you detailed steps

On Wed, Aug 16, 2017 at 8:30 PM, Yakovlev N. <yakovlev...@krvostok.ru> wrote:
> Hi Andreas,
> OK, your opinion is your opinion and I respect it.
> We speak about an internal OM service but not about the world one...
> I understand the trusted certificates are more preferable but in my case 
> unnecessary I think.
> I'm not sure blacklists are my cases...
>
> Nik
>
> -----Original Message-----
> From: df...@gmx.de [mailto:df...@gmx.de]
> Sent: Wednesday, August 16, 2017 4:18 PM
> To: user@openmeetings.apache.org
> Subject: Re: [ANNOUNCE] HTTPS is now required
>
> Hi Nik,
>
> sorry - I cannot agree to your "I cannot agree". Most email client programs 
> do check certificates and deny connections if certificate is not trusted. May 
> be 5% will work - but 95% will not (and tomorrow percentage is higher than 
> today). I can not recommend to use any self-signed certificate (except for 
> internal tasks). Additionally maybe you are added to blacklists if you are 
> "on the air" using a self-signed certificate.
>
> Best regards
> Andreas
>
> Am Mittwoch, 16. August 2017, 16:01:52 CEST schrieb Yakovlev N.:
>> I don't agree.
>> I use selfsigned certiticates on other corporate services successfully 
>> (mail, cloud and so on).
>> Yes, browsers ask questions but this is no problem. In this case such 
>> certificates must be added as trusted ones.
>>
>> Nik
>>
>> -----Original Message-----
>> From: df...@gmx.de [mailto:df...@gmx.de]
>> Sent: Wednesday, August 16, 2017 3:44 PM
>> To: user@openmeetings.apache.org
>> Subject: Re: [ANNOUNCE] HTTPS is now required
>>
>> Self-signed will not be accepted by most browsers and will not work. The 
>> goal of SSL *IS THE POSSIBILITY OF VERIFICATION OF THE PAGE OWNER*...
>>
>> Try certificates from lets encrypt - they are free ;)
>>
>> Best regards
>> Andreas
>>
>> Am Mittwoch, 16. August 2017, 15:25:17 CEST schrieb Yakovlev N.:
>> > Hi, Maxim!
>> > I have some problems with SSL and no ideas to solve them.
>> > Five months ago  I asked community how to install SSL on OM but nobody 
>> > answered.
>> > (http://mail-archives.apache.org/mod_mbox/openmeetings-user/201703.mbox/browser
>> >     Subject: SSL with OM   Date Mon, 20 Mar 2017 08:30:40 GMT  )
>> > The manual listed on page 
>> > http://openmeetings.apache.org/RTMPSAndHTTPS.html did not help me.
>> > No any errors in logs, browser hangs and shows an empty page.
>> > Firefox outputs "Executing TLS-handshaking with vkc.krvostok.ru" on the 
>> > left bottom side.
>> > The "openssl   s_client   -connect   vkc.krvostok.ru:5443" command hangs 
>> > also and outputs only one line: CONNECTED(00000003).
>> > Firewall is off, tcp-5443 port is listening on the OM host.
>> >
>> > Is there any roadmap of using selfsigned serfificates for OM?
>> >
>> > Best regards
>> > Nik
>> >
>> > -----Original Message-----
>> > From: Maxim Solodovnik [mailto:solomax...@gmail.com]
>> > Sent: Wednesday, August 16, 2017 7:23 AM
>> > To: Openmeetings user-list
>> > Subject: [ANNOUNCE] HTTPS is now required
>> >
>> > Hello All,
>> >
>> > Google developers are trying to move WWW to HTTPS To force this transition 
>> > they restrict features available to HTTP sites in Chrome/Chromium Latest 
>> > restriction is: Camera and microphone will not be available to JS/Flash 
>> > code for HTTP sites: proof:
>> >
>> > "Microphone and Camera access no longer works on insecure origins. To use 
>> > this feature, you should consider switching your application to a secure 
>> > origin, such as HTTPS. See https://goo.gl/rStTGz for more details."
>> >
>> > So please set up HTTPS for your OM site to prevent camera/microphone 
>> > issues.
>> >
>> > --
>> > WBR
>> > Maxim aka solomax
>> >
>> >
>>
>>
>>
>
>



-- 
WBR
Maxim aka solomax

Reply via email to