creating 2 self signed certificates like this: keytool -keysize 2048 -genkey -keyalg RSA -alias red5 -keystore red5/conf/keystore -storepass "mypassword" -validity 15000
keytool -keysize 2048 -genkey -keyalg RSA -alias red5 -keystore red5/conf/keystore.screen -storepass "mypassword" -validity 15000 and editing the setups for rtmps, shouldnt it work ? **** thanks. On Wed, Aug 22, 2012 at 11:14 AM, Rafael <[email protected]> wrote: > Thanks Stephen. > Just in case, if I do it with .csr will I need to import a root crt or > mine will be enough? Wich root should I use? > > > On Wed, Aug 22, 2012 at 9:44 AM, Stephen Cottham < > [email protected]> wrote: > >> Assuming the key and cert is you created is in PEM format do this**** >> >> ** ** >> >> Copy the two files (*apache.key.pem and apache.cert.pem - or whatever >> you have called yours ) *to**** >> >> ** ** >> >> */usr/adm/***** >> >> ** ** >> >> Then**** >> >> ** ** >> >> *cd /usr/adm/* >> >> * * >> >> *mkdir certs* >> >> *cd certs/***** >> >> ** ** >> >> *openssl pkcs8 -topk8 -nocrypt -in apache.key.pem -inform PEM -out >> key.der -outform DER* >> >> *openssl x509 -in apache.cert.pem -inform PEM -out cert.der -outform DER* >> >> ** ** >> >> Now we need a couple of files to help us import the DER files into the >> keystore, so issue the**** >> >> following:**** >> >> * * >> >> *wget >> http://www.agentbob.info/agentbob/80/version/default/part/AttachmentData/data/ImportKey.java >> * >> >> *wget >> http://www.agentbob.info/agentbob/81/version/default/part/AttachmentData/data/ImportKey.class >> * >> >> ** ** >> >> Then use these commands to import:**** >> >> * * >> >> *java ImportKey key.der cert.der* >> >> ** ** >> >> Finally move the keystore to the correct location**** >> >> * * >> >> *mv /root/keystore.ImportKey /usr/lib/red5/conf/keystore* >> >> ** ** >> >> N.B = Alias:importkey Password:importkey (When using the java import key >> files, you can change the**** >> >> password afterwards)**** >> >> ** ** >> >> ** ** >> >> ** ** >> >> *From:* Rafael [mailto:[email protected]] >> *Sent:* 22 August 2012 13:36 >> >> *To:* [email protected] >> *Subject:* Re: rtmps and certificate**** >> >> ** ** >> >> openssl**** >> >> On Wed, Aug 22, 2012 at 9:30 AM, Stephen Cottham < >> [email protected]> wrote:**** >> >> What format do you have your self-signed certificate in?**** >> >> **** >> >> **** >> >> **** >> >> *From:* Rafael [mailto:[email protected]] >> *Sent:* 22 August 2012 13:29**** >> >> >> *To:* [email protected] >> *Subject:* Re: rtmps and certificate**** >> >> **** >> >> What should I do at this point? Skipt it ? >> >> 4- Import your chosen CA's root certificate into the keystore (may need >> to download it from their site - make sure to get the root CA and not the >> intermediate one): keytool -import -alias root -keystore red5/conf/keystore >> -trustcacerts -file root.crt (note: you may receive a warning that the >> certificate already exists in the system wide keystore - import anyway)** >> ** >> >> On Wed, Aug 22, 2012 at 9:16 AM, Stephen Cottham < >> [email protected]> wrote:**** >> >> You can use a self-signed certificate and it will work, in some cases you >> will need to import the certificate into your browser so RTMPS to work >> correctly even thou HTTPS will work with the warning message.**** >> >> **** >> >> Best regards**** >> >> **** >> >> **** >> >> **** >> >> *From:* Rafael [mailto:[email protected]] >> *Sent:* 22 August 2012 13:13 >> *To:* [email protected] >> *Subject:* Re: rtmps and certificate**** >> >> **** >> >> is self certicate a solution ??**** >> >> On Tue, Aug 21, 2012 at 11:46 PM, Rafael <[email protected]> wrote:**** >> >> Im sorry Im newbie in rtmps and certificates. Is the only way to use >> rtmps generating a key and sending it to a CA? >> Cant it be done as https that you can "assume the risk" and accept the >> connection as a excpetion ? without verify with a CA ? >> >> Thanks.**** >> >> **** >> >> *Stephen Cottham >> *Group IT Manager (Associate) >> >> Robert Bird Group >> Level 5, 333 Ann St >> Brisbane, Queensland, 4000, Australia**** >> >> *Phone: +6173 319 2777 (AUS)***** >> >> *Phone: +44207 592 8000 (UK)***** >> >> *Fax: +6173 319 2799***** >> >> **** >> >> *Mobile: +61400 756 963 (AUS)***** >> >> *Mobile: +447900 918 616 (UK)***** >> >> *Web: **www.robertbird.com* <http://www.robertbird.com/>**** >> >> <http://www.robertbird.com.au/> >> >> This email and any attachments are confidential and may contain legally >> privileged information or copyright material. Unless expressly stated, >> confidentiality and/or legal privilege is not intended to be waived by the >> sending of this email. The contents of this email, including any >> attachments, are intended solely for the use of the individual or entity to >> whom they are addressed. If you are not an intended recipient, please >> contact us immediately by return email and then delete both messages. You >> may not otherwise read, forward, copy, use or disclose this email or any >> attachments. Any views expressed in this email are those of the individual >> sender except where the sender expressly, and with authority, states >> otherwise. It is your responsibility to check any attachments for viruses >> or defects before opening or sending them on. None of the sender or its >> related entities accepts any liability for any consequential damage >> resulting from this email containing computer viruses. **** >> >> **** >> >> >> Disclaimer added by *CodeTwo Exchange Rules* >> www.codetwo.com**** >> >> **** >> >> **** >> >> ** ** >> > >
<<image001.gif>>
<<image002.png>>
