Hello all, for me it worked after adding my self-Signed Certificate as Trusted CA for my System (I used a windows 7/8.1 Client). To make this i just export my certificate from the start-page of AOM and then made the following:
- Right click on the certificate - Choose Install - Choose the option to install the certificate in a specific directory - Navigate and select the second one. (Trusted CA) - You should receive a pop up asking you to validate the process. The steps above worked perfectly for all windows machines. Under Ubuntu i made the same, by following this: http://blog.tkassembled.com/410/adding-a-certificate-authority-to-the-trusted-list-in-ubuntu/ .But there is still the same mistake. Actually i didn't used JVM at all. 2015-02-25 19:43 GMT+01:00 OpenAr-IT Soluciones <[email protected]>: > Hi Maxim, > > Sorry but I still don't get it. I've got the keystore/truststore in conf > directory (directory created when unzipping apache-openmeetings-3.0.4.zip) > and configured in red5.properties. Where can I find the JVM own > keystore/truststore? Do you mean the cacerts found in java/lib/security? > > Thanks, > > On Wed, Feb 25, 2015 at 1:02 AM, Maxim Solodovnik <[email protected]> > wrote: > >> your server JVM has its own keystore/truststore >> you need to add your certificate into it >> >> On Wed, Feb 25, 2015 at 12:45 AM, OpenAr-IT Soluciones < >> [email protected]> wrote: >> >>> Hi Maxim, what do you mean by "you need to add your certificate to the >>> trusted certificates of your server JVM"?. I have the same issue as Lionel. >>> >>> Lionel, what did you do exactly? >>> >>> >>> Thanks in advance. >>> >>> >>> >>> On Wed, Feb 4, 2015 at 1:45 PM, Maxim Solodovnik <[email protected]> >>> wrote: >>> >>>> you need to add your certificate to the trusted certificates of your >>>> server JVM >>>> >>>> On Wed, Feb 4, 2015 at 10:40 PM, Lionel Djeukam <[email protected] >>>> > wrote: >>>> >>>>> Ok, that's what i observed: >>>>> First of all, my certificate was added as expected in the trusted list >>>>> on the server side, therefore the following lines: >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> *"adding as trusted cert: Subject: CN=139.6.237.96, >>>>> OU=Informationssicherheit, O=FH-Koeln, L=Koeln, ST=NRW, C=DE Issuer: >>>>> CN=139.6.237.96, OU=Informationssicherheit, O=FH-Koeln, L=Koeln, ST=NRW, >>>>> C=DE Algorithm: RSA; Serial number: 0x21787fbf Valid from Wed Feb 04 >>>>> 15:06:08 CET 2015 until Sat Jan 30 15:06:08 CET 201*6 >>>>> ... >>>>> ... " >>>>> >>>>> Second, during the TLS-Handshake, it seems like there is a problem >>>>> with my certificate on the client side >>>>> which followed to a fatal error: >>>>> >>>>> >>>>> >>>>> >>>>> *"NioProcessor-21, READ: TLSv1 Alert, length = 2NioProcessor-21, RECV >>>>> TLSv1 ALERT: fatal, bad_certificateNioProcessor-21, fatal: engine already >>>>> closed. Rethrowing javax.net.ssl.SSLException: Received fatal alert: >>>>> bad_certificateNioProcessor-21, fatal: engine already closed. Rethrowing >>>>> javax.net.ssl.SSLException: Received fatal alert: bad_certificate"* >>>>> >>>>> Should i do anythings else than just add an exception for my >>>>> certificate on the client side? >>>>> >>>>> >>>>> 2015-02-04 17:18 GMT+01:00 Maxim Solodovnik <[email protected]>: >>>>> >>>>>> not sure what is wrong :(( >>>>>> >>>>>> you need to call >>>>>> sudo /etc/init.d/red5 stop >>>>>> >>>>>> then open ./red5-debug.sh add -Djavax.net.debug=all to the JAVA_OPTS >>>>>> then start ./red5-debug.sh from the console >>>>>> >>>>>> On Wed, Feb 4, 2015 at 10:09 PM, Lionel Djeukam < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> That's realy strange because i did exactly what is content there: >>>>>>> http://openmeetings.apache.org/RTMPSAndHTTPS.html >>>>>>> >>>>>>> The only thing i did not make is to close the port 1935. Is it >>>>>>> mandotory? Should i just comment his line in the file red5.properties? >>>>>>> >>>>>>> A part from that i made what you adviced in the last mail. I started >>>>>>> the server as follow: >>>>>>> sudo /etc/init.d/red5 start -Djavax.net.debug=all >>>>>>> >>>>>>> and by executing "./red5-debug.sh" it does act as a normal command, >>>>>>> since i could not observe what append when trying to enter to the room >>>>>>> >>>>>>> >>>>>>> >>>>>>> 2015-02-04 16:44 GMT+01:00 Maxim Solodovnik <[email protected]>: >>>>>>> >>>>>>>> It seems like you set up HTTPS but not RTMPS :( >>>>>>>> can you start red5 manually with this additional option: >>>>>>>> *-Djavax.net.debug=all* >>>>>>>> >>>>>>>> *then run ./red5-debug.sh and check the console while entering the >>>>>>>> room* >>>>>>>> >>>>>>>> On Wed, Feb 4, 2015 at 9:39 PM, Lionel Djeukam < >>>>>>>> [email protected]> wrote: >>>>>>>> >>>>>>>>> Hello, >>>>>>>>> i think i enjoyed to early :( >>>>>>>>> After configuring the server for HTTPs and RTMPs, i could finaly >>>>>>>>> connect to the https-page of my server. Then when a lauch a >>>>>>>>> conference, i >>>>>>>>> became the three mistakes in the subject field of this mail. >>>>>>>>> >>>>>>>>> I already had exeption to my Browser to recognise the certificate >>>>>>>>> as trusted-part. >>>>>>>>> >>>>>>>>> What could i do now? >>>>>>>>> >>>>>>>>> -- >>>>>>>>> Master Student Communication systems and Network >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> WBR >>>>>>>> Maxim aka solomax >>>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> WBR >>>>>> Maxim aka solomax >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> >>>>> >>>> >>>> >>>> -- >>>> WBR >>>> Maxim aka solomax >>>> >>> >>> >> >> >> -- >> WBR >> Maxim aka solomax >> > > -- Lionel
