I knew you'd get it working eventually :) Paul
On 5/16/07, Dan Rossi <[EMAIL PROTECTED]> wrote:
http://www.red5tutorials.net/index.php/Tutorials:RMI_JMX_SSL Dan Rossi wrote: > Create Server Keystore: > > keytool -genkey -alias red5server -keyalg RSA -validity 36500 -keystore > conf/jmx.keystore -storepass password -keypass password -dname "CN=Dan > Rossi, OU=IT, O=Red5, L=Sydney,S=NSW, C=AU" > > Verify Keystore: > > keytool -list -v -keystore conf/jmx.keystore -storepass password > > Export Self Signed Cert: > > keytool -export -alias red5server -keystore conf/jmx.keystore -file > conf/red5server.cer -storepass password > > Create Client Truststore: > > keytool -genkey -alias red5client -keyalg RSA -validity 36500 -keystore > conf/jmx.truststore -storepass trustword -keypass trustword -dname > "CN=Dan Rossi, OU=IT, O=Red5, L=Sydney,S=NSW, C=AU" > > Import Server Cert into TrustStore: > > keytool -import -file conf/red5server.cer -keystore conf/jmx.truststore > -storepass trustword -noprompt > > Start RMI Registry (unless it is going to started programatically) > > rmiregistry -J-Djava.security.manager > -J-Djava.security.policy=conf/red5.policy > -J-Djavax.net.ssl.trustStore=conf/jmx.truststore > -J-Djavax.net.ssl.trustStorePassword=trustword 9999 & > > > Start Red5: > > With these args > > -Djava.security.manager > -Djava.security.policy=conf/red5.policy > -Dcom.sun.management.jmxremote > -Djavax.net.ssl.keyStore=conf/jmx.keystore > -Djavax.net.ssl.keyStorePassword=password > > Start Jconsole: > > jconsole -J-Djava.security.manager > -J-Djava.security.policy=conf/red5.policy > -J-Djavax.net.ssl.trustStore=conf/jmx.truststore > -J-Djavax.net.ssl.trustStorePassword=trustword > -J-Djava.security.debug=ssl service:jmx:rmi:///jndi/rmi://host:9999/red5 > > > Works after different variations of trying to create the store. So JMX > is enabled locally and RMI is used for remote management. Ive yet to > test this live on a windows server running in a service. > > Ill prob add all the required bits on red5 tutorials, but the silly wiki > doesnt like new lines when you paste it in. > > I also suggest maybe an ant task is created to create the keystore and > truststore for you ? > > > > > > _______________________________________________ > Red5 mailing list > [email protected] > http://osflash.org/mailman/listinfo/red5_osflash.org > > _______________________________________________ Red5 mailing list [email protected] http://osflash.org/mailman/listinfo/red5_osflash.org
-- It is difficult to free fools from the chains they revere. - Voltaire
_______________________________________________ Red5 mailing list [email protected] http://osflash.org/mailman/listinfo/red5_osflash.org
