OM 2.1 and 2.0 definitely works with SSL and RTMPS - I wouldn't give up on trying to get that working at this stage, can you run the OM instance using this script
./Red5-debug.sh Then can you see anything in the start-up that may shed some light on the issue? Im assuming that your build works without SSL? So we can rule that out? What distro are you running on? You can check out the install guide here just to check each step: https://cwiki.apache.org/confluence/display/OPENMEETINGS/Tutorials+for+i nstalling+OpenMeetings+and+Tools * Installing OM2.x On Debian64 - Headless * Installing OM2.x On Ubuntu64 - Headless * Installing OM2.x On Ubuntu64 - Headless - v12.10 The later section of the guides has the https and rtmps and some info on reverse proxy. I will run thru the guide step by step tomo using my cert to confirm is still working as normal, I need to update the SVN links anyways. Cheers From: Bart Coninckx [mailto:[email protected]] Sent: 28 January 2013 20:57 To: [email protected] Subject: Re: RTMPS woes Wait a sec, I just read that RTMPS IS RTMPT over SSL !! Will do some morge digging into combining things with a reversed SSL proxy. I also saw pages using Stunnel, which is an ugly hack but if it works ... BC On 01/28/13 21:48, Bart Coninckx wrote: Hi Stephen, thx ! tried both self-signed and an official one. Tried just one browser as we standardize to that browser (Internet Explorer). Getting RTMPS to work seems to be a daunting task. I'm trying to get it to work differently by looking at RTMPT and a SSL reversed proxy. Unfortunately a SSL/TLS version of RTMPT does not seem to exist, unless RTMPS does also a secured version of RTMPT. And then there is the challenge to get the Flash app to use the SSL version of RTMPT. By closing port 1935 RTMPT on 8088 is automatically used, but clear text. *sigh* BC On 01/28/13 21:01, Stephen Cottham wrote: Hey Bart, Are you using a self-signed certificate by chance? have you tried different browsers? Using self-signed certs we have seen problems like this in a few browsers before, (if your using Windows you can import the self-signed cert into the trusted repo and try again this has resolved some issues before) I don't believe you need to set the path to the cert explicitly in red5-core.xml like you are saying below, I have this working on 2.0 and 2.1 without issues (using a legit cert) and have had mixed results using a self-signed and had some issues with Mozilla and chrome using their sandbox with both. Best Regards Stephen Cottham Group IT Manager (Associate) Robert Bird Group Level 5, 333 Ann St Brisbane, Queensland, 4000, Australia Phone: +6173 319 2777 (AUS) Phone: +44207 633 2880 (UK) Fax: +6173 319 2799 Mobile: +61400 756 963 (AUS) Mobile: +447900 918 616 (UK) Web: www.robertbird.com <http://www.robertbird.com/> <http://www.robertbird.com.au/> This email and any attachments are confidential and may contain legally privileged information or copyright material. Unless expressly stated, confidentiality and/or legal privilege is not intended to be waived by the sending of this email. The contents of this email, including any attachments, are intended solely for the use of the individual or entity to whom they are addressed. If you are not an intended recipient, please contact us immediately by return email and then delete both messages. You may not otherwise read, forward, copy, use or disclose this email or any attachments. Any views expressed in this email are those of the individual sender except where the sender expressly, and with authority, states otherwise. It is your responsibility to check any attachments for viruses or defects before opening or sending them on. None of the sender or its related entities accepts any liability for any consequential damage resulting from this email containing computer viruses. Disclaimer added by CodeTwo Exchange Rules www.codetwo.com From: Bart Coninckx [mailto:[email protected]] Sent: 28 January 2013 19:42 To: [email protected] Subject: Re: RTMPS woes Well, it did seem to be an effect of the path: the error message disappeared once I changed <property name="keystoreFile" value="conf/keystore"> into <property name="keystoreFile" value="/data/openmeetings/conf/keystore"> in red5-core.xml This reflects the real path on my server. Some one might want to add this to the documentation. The situation now is like this gentleman describes: https://issues.apache.org/jira/browse/OPENMEETINGS-500 I can't shake the feeling the documentation is missing something ... BC On 01/28/13 00:49, Bart Coninckx wrote: One addition: I installed in /data/openmeetings, but I had this reflected in the init.d script that starts OpenMeetings. I hope that is OK? BC On 01/28/13 00:47, Bart Coninckx wrote: Hi all, been trying to get SSL rolling following the docs on http://incubator.apache.org/openmeetings/RTMPSAndHTTPS.html I doublechecked everything but conecting to the OM site produces a "try 1", "try 2" etc and ends in NetConnection.Connect.Failed The red5 console says: [WARN] [NioProcessor-19] org.red5.server.net.rtmps.RTMPSMinaIoHandler - Exception caught Keystore or password are null the keystore is in "RED5_HOME"/conf and the passwords works. While capturing the packets I see a lot on 443, so HTTPS seems OK and jsut a fiew on 5443, so my guess is that RTMPS has a problem. The only step I did not do in the docu was: 7. Create additional certificate as described above. Add this certificate to the following keystores: red5/conf/keystore.screen and red5/conf/keystore. as it is not very clear. Do you need to create a new CSR and next a new CRT? Because that makes no sense. Or do I need a new keystore named keystore.screen and import the same certificates? Thx for clarifying this, BC Stephen Cottham Group IT Manager (Associate) Robert Bird Group Level 5, 333 Ann St Brisbane, Queensland, 4000, Australia Phone: +6173 319 2777 (AUS) Phone: +44207 633 2880 (UK) Fax: +6173 319 2799 Mobile: +61400 756 963 (AUS) Mobile: +447900 918 616 (UK) Web: www.robertbird.com This email and any attachments are confidential and may contain legally privileged information or copyright material. Unless expressly stated, confidentiality and/or legal privilege is not intended to be waived by the sending of this email. The contents of this email, including any attachments, are intended solely for the use of the individual or entity to whom they are addressed. If you are not an intended recipient, please contact us immediately by return email and then delete both messages. You may not otherwise read, forward, copy, use or disclose this email or any attachments. Any views expressed in this email are those of the individual sender except where the sender expressly, and with authority, states otherwise. It is your responsibility to check any attachments for viruses or defects before opening or sending them on. None of the sender or its related entities accepts any liability for any consequential damage resulting from this email containing computer viruses. Disclaimer added by CodeTwo Exchange Rules http://www.codetwo.com
<<image001.gif>>
<<image002.png>>
