Thanks Stephen. Just in case, if I do it with .csr will I need to import a root crt or mine will be enough? Wich root should I use?
On Wed, Aug 22, 2012 at 9:44 AM, Stephen Cottham < [email protected]> wrote: > Assuming the key and cert is you created is in PEM format do this**** > > ** ** > > Copy the two files (*apache.key.pem and apache.cert.pem - or whatever you > have called yours ) *to**** > > ** ** > > */usr/adm/***** > > ** ** > > Then**** > > ** ** > > *cd /usr/adm/* > > * * > > *mkdir certs* > > *cd certs/***** > > ** ** > > *openssl pkcs8 -topk8 -nocrypt -in apache.key.pem -inform PEM -out > key.der -outform DER* > > *openssl x509 -in apache.cert.pem -inform PEM -out cert.der -outform DER* > > ** ** > > Now we need a couple of files to help us import the DER files into the > keystore, so issue the**** > > following:**** > > * * > > *wget > http://www.agentbob.info/agentbob/80/version/default/part/AttachmentData/data/ImportKey.java > * > > *wget > http://www.agentbob.info/agentbob/81/version/default/part/AttachmentData/data/ImportKey.class > * > > ** ** > > Then use these commands to import:**** > > * * > > *java ImportKey key.der cert.der* > > ** ** > > Finally move the keystore to the correct location**** > > * * > > *mv /root/keystore.ImportKey /usr/lib/red5/conf/keystore* > > ** ** > > N.B = Alias:importkey Password:importkey (When using the java import key > files, you can change the**** > > password afterwards)**** > > ** ** > > ** ** > > ** ** > > *From:* Rafael [mailto:[email protected]] > *Sent:* 22 August 2012 13:36 > > *To:* [email protected] > *Subject:* Re: rtmps and certificate**** > > ** ** > > openssl**** > > On Wed, Aug 22, 2012 at 9:30 AM, Stephen Cottham < > [email protected]> wrote:**** > > What format do you have your self-signed certificate in?**** > > **** > > **** > > **** > > *From:* Rafael [mailto:[email protected]] > *Sent:* 22 August 2012 13:29**** > > > *To:* [email protected] > *Subject:* Re: rtmps and certificate**** > > **** > > What should I do at this point? Skipt it ? > > 4- Import your chosen CA's root certificate into the keystore (may need to > download it from their site - make sure to get the root CA and not the > intermediate one): keytool -import -alias root -keystore red5/conf/keystore > -trustcacerts -file root.crt (note: you may receive a warning that the > certificate already exists in the system wide keystore - import anyway)*** > * > > On Wed, Aug 22, 2012 at 9:16 AM, Stephen Cottham < > [email protected]> wrote:**** > > You can use a self-signed certificate and it will work, in some cases you > will need to import the certificate into your browser so RTMPS to work > correctly even thou HTTPS will work with the warning message.**** > > **** > > Best regards**** > > **** > > **** > > **** > > *From:* Rafael [mailto:[email protected]] > *Sent:* 22 August 2012 13:13 > *To:* [email protected] > *Subject:* Re: rtmps and certificate**** > > **** > > is self certicate a solution ??**** > > On Tue, Aug 21, 2012 at 11:46 PM, Rafael <[email protected]> wrote:**** > > Im sorry Im newbie in rtmps and certificates. Is the only way to use rtmps > generating a key and sending it to a CA? > Cant it be done as https that you can "assume the risk" and accept the > connection as a excpetion ? without verify with a CA ? > > Thanks.**** > > **** > > *Stephen Cottham > *Group IT Manager (Associate) > > Robert Bird Group > Level 5, 333 Ann St > Brisbane, Queensland, 4000, Australia**** > > *Phone: +6173 319 2777 (AUS)***** > > *Phone: +44207 592 8000 (UK)***** > > *Fax: +6173 319 2799***** > > **** > > *Mobile: +61400 756 963 (AUS)***** > > *Mobile: +447900 918 616 (UK)***** > > *Web: **www.robertbird.com* <http://www.robertbird.com/>**** > > <http://www.robertbird.com.au/> > > This email and any attachments are confidential and may contain legally > privileged information or copyright material. Unless expressly stated, > confidentiality and/or legal privilege is not intended to be waived by the > sending of this email. The contents of this email, including any > attachments, are intended solely for the use of the individual or entity to > whom they are addressed. If you are not an intended recipient, please > contact us immediately by return email and then delete both messages. You > may not otherwise read, forward, copy, use or disclose this email or any > attachments. Any views expressed in this email are those of the individual > sender except where the sender expressly, and with authority, states > otherwise. It is your responsibility to check any attachments for viruses > or defects before opening or sending them on. None of the sender or its > related entities accepts any liability for any consequential damage > resulting from this email containing computer viruses. **** > > **** > > > Disclaimer added by *CodeTwo Exchange Rules* > www.codetwo.com**** > > **** > > **** > > ** ** >
<<image001.gif>>
<<image002.png>>
