Hi again, Sorry to come back to this old message, but I'm still confused. I did edit the client source (to add the "best" proxy type), recompiled and installed it and I did import the certificate into the keystore. Running tcpdump on my server, I can see the only ports being used (and actually even attempted) are 5080 and 1935 - I can also see that all traffic is unencrypted. The client obviously never even tries any kind SSL connection. For debugging purposes, which ports would I expect to see traffic on if it worked? Or would it try to negotiate a TLS connection on port 1935? Unfortunately Google removed all the pages on Google Groups, so the short howto that Nexus put together last year is no longer available. I'm not getting anywhere here, even though I've tried various things already, including modifying red5-core.xml to include the beans needed for RTMPS (still, since the client never even tries to connect to that additional port, it would seem to make no difference). I'd just wait for the promised bits of documentation, but since I'm working on a prototype installation for a study project, I have a deadline hanging over my head and even though it wouldn't be the end of the world if I couldn't, it would be nice if I could actually demonstrate to my tutor that the required security mechanisms already work and aren't "going to work" at some later date :). Not trying to put any pressure on anyone here, just trying to explain why I'm so persistent in coming back to this topic. I really appreciate the amount of work that's going into OpenMeetings and the helpful responses here on this list.
Best regards, Holger -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of nexus Sent: Samstag, 8. Oktober 2011 02:01 To: OpenMeetings User Subject: [openmeetings-user] Re: RTMPS On Oct 7, 9:52 am, "Holger Rabbach (ICT)" <[email protected]> wrote: > Hi Sebastian, > > Sounds good - screensharing and recording are not of high importance at this > point, so I can live without them until this is fixed. I'll keep an eye open > for the guide to be published. Thanks for your quick response. > > Holger > > [cid:[email protected]] > > From: [email protected] > [mailto:[email protected]] On Behalf Of > [email protected] > Sent: Freitag, 7. Oktober 2011 15:49 > To: [email protected] > Subject: Re: [openmeetings-user] RTMPS > > Hallo Holger, > > you should use native SSL, we will publish a guide soon. > > However the screensharing and recording has no SSL feature yet. > We hope to fix that when the guide is ready. > > Sebastian > 2011/10/7 Holger <[email protected]<mailto:[email protected]>> > Hi, > > I've looked through the list archive quite a bit, but couldn't find a > solution to my problem there. I'm trying to use RTMPS in the latest > version of OpenMeetings (Windows clients only at this point), so I've > enabled RTMPS in red5 and in the client configuration. I have added a > valid certificate (plus CA and intermediate cert) to the keystore. I > can see that the client does indeed try to use RTMPS, but get the > following log message: > > [WARN] [Red5_Scheduler_Worker-2] > org.red5.server.net.rtmp.RTMPConnection - Closing RTMPMinaConnection > from 93.202.123.176<tel:93.202.123.176> : 55110 to null (in: 294 out > 597 ), with id 1 due to long handshake > > I get the same message also if I try to use the builtin keystore > without my valid certificate - however, when I was using a password on > the certificate's key that was different from the keystore's, I got a > different error. > > Does RTMPS work at all? There was some talk on the list about "native" > RTMPS about a year ago, has that discussion led to any changes and are > they documented anywhere? Any help would be much appreciated - I'm > quite excited about OpenMeetings, but do need RTMPS support to be able > to use it. > > Best regards, > Holger > > -- > You received this message because you are subscribed to the Google Groups > "OpenMeetings User" group. > To post to this group, send email to > [email protected]<mailto:[email protected]m>. > To unsubscribe from this group, send email to > [email protected]<mailto:openmeetings-user%2Bu[email protected]>. > For more options, visit this group > athttp://groups.google.com/group/openmeetings-user?hl=en. > > -- > Sebastian > Wagnerhttp://www.openmeetings.dehttp://www.webbase-design.dehttp://www > .wagner-sebastian.com > [email protected]<mailto:[email protected]> > -- > You received this message because you are subscribed to the Google Groups > "OpenMeetings User" group. > To post to this group, send email to > [email protected]<mailto:[email protected]m>. > To unsubscribe from this group, send email to > [email protected]<mailto:openmeetings-user+uns[email protected]>. > For more options, visit this group > athttp://groups.google.com/group/openmeetings-user?hl=en. > > ________________________________ > OM International Limited - Unit B Clifford Court, Cooper Way - > Carlisle CA3 0JG - United Kingdom Charity reg no: 1112655 - Company > reg no: 5649412 (England and Wales) > > image001.jpg > 28KViewDownload I did a lot of work a while back using RTMPS with Openmeetings and it works well. Sounds like you have the Red5 side set up. In order to get native SSL RTMPS to work with Openmeetings you have to checkout and download the source and add the following bit of code to the following file: WebContent\openmeetings\base\remote\rtmpConnection.lzx this._nc = new NetConnection(); // local reference to rtmpconnection this._nc.t = this; this._nc.proxyType = "best"; --This is the line that you have to add After you add this line and build the app using the instructions on the build page, RTMPS will work. In short, this line is necessary to tell the Flash player to try native SSL first before trying to go through other methods. I have successfully used native SSL RTMPS using openmeetings with Windows, Mac, and Linux clients. It sounds like you have your keystore set up so this should be all you need. I have been able to use the screensharer while using RTMPS but had to hard code the port in the source to use my RTMP port. So the screensharer has not been encrypted. I have recently been trying to build an RTMPS screensharer but have not been sucessful yet. I am looking forward to the guide mentioned as this should help with this quite a bit. I hope this is helpful. -- You received this message because you are subscribed to the Google Groups "OpenMeetings User" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/openmeetings-user?hl=en. OM International Limited - Unit B Clifford Court, Cooper Way - Carlisle CA3 0JG - United Kingdom Charity reg no: 1112655 - Company reg no: 5649412 (England and Wales) -- You received this message because you are subscribed to the Google Groups "OpenMeetings User" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/openmeetings-user?hl=en.
