Hello again. Well i am trying to run OM using a Comodo SSL
I am doing the "step by step" tutorial found here http://openmeetings.apache.org/RTMPSAndHTTPS.html The situation is that this part says ... SSL for the web interface Please perform following steps if you want to use SSL for the web interface. This is mainly to secure the server against MITM attacks, additionally some other features like file uploads also use a plain HTTP connection if this is not done. The following instructions assume that you have already set up RTMPS successfully. 1. Edit red5/conf/jee-container.xml file: Comment Tomcat without SSL enabled section UNComment Tomcat with SSL enabled section and my jee-container.xml file has ... <?xml version="1.0" encoding="UTF-8"?> <beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns="http://www.springframework.org/schema/beans"; xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd"; > <!-- This file should be replaced by the container configuration file that you have selected If no JEE container is selected, some JEE features will not be available such as Servlets or JSP's. Go to this link for more information: https://github.com/Red5/red5-server/wiki/JEEContainerPlugins --> </beans> Any ideas??? Thanks 2017-08-16 9:51 GMT-05:00 Maxim Solodovnik <solomax...@gmail.com>: > Hello Nik, > > I'm trying to answer all emails, sorry if I missed yours :( > To make self-signed certificate work with red5 you MUST > 1) add certificate to trusted certs of Java > 2) add certificate to trusted certs of browser (icon should be green) > 3) correctly create red5 keystore/truststore > > to provide thurther help I need you detailed steps > > On Wed, Aug 16, 2017 at 8:30 PM, Yakovlev N. <yakovlev...@krvostok.ru> > wrote: > > Hi Andreas, > > OK, your opinion is your opinion and I respect it. > > We speak about an internal OM service but not about the world one... > > I understand the trusted certificates are more preferable but in my case > unnecessary I think. > > I'm not sure blacklists are my cases... > > > > Nik > > > > -----Original Message----- > > From: df...@gmx.de [mailto:df...@gmx.de] > > Sent: Wednesday, August 16, 2017 4:18 PM > > To: user@openmeetings.apache.org > > Subject: Re: [ANNOUNCE] HTTPS is now required > > > > Hi Nik, > > > > sorry - I cannot agree to your "I cannot agree". Most email client > programs do check certificates and deny connections if certificate is not > trusted. May be 5% will work - but 95% will not (and tomorrow percentage is > higher than today). I can not recommend to use any self-signed certificate > (except for internal tasks). Additionally maybe you are added to blacklists > if you are "on the air" using a self-signed certificate. > > > > Best regards > > Andreas > > > > Am Mittwoch, 16. August 2017, 16:01:52 CEST schrieb Yakovlev N.: > >> I don't agree. > >> I use selfsigned certiticates on other corporate services successfully > (mail, cloud and so on). > >> Yes, browsers ask questions but this is no problem. In this case such > certificates must be added as trusted ones. > >> > >> Nik > >> > >> -----Original Message----- > >> From: df...@gmx.de [mailto:df...@gmx.de] > >> Sent: Wednesday, August 16, 2017 3:44 PM > >> To: user@openmeetings.apache.org > >> Subject: Re: [ANNOUNCE] HTTPS is now required > >> > >> Self-signed will not be accepted by most browsers and will not work. > The goal of SSL *IS THE POSSIBILITY OF VERIFICATION OF THE PAGE OWNER*... > >> > >> Try certificates from lets encrypt - they are free ;) > >> > >> Best regards > >> Andreas > >> > >> Am Mittwoch, 16. August 2017, 15:25:17 CEST schrieb Yakovlev N.: > >> > Hi, Maxim! > >> > I have some problems with SSL and no ideas to solve them. > >> > Five months ago I asked community how to install SSL on OM but > nobody answered. > >> > (http://mail-archives.apache.org/mod_mbox/openmeetings- > user/201703.mbox/browser Subject: SSL with OM Date Mon, 20 Mar 2017 > 08:30:40 GMT ) > >> > The manual listed on page http://openmeetings.apache. > org/RTMPSAndHTTPS.html did not help me. > >> > No any errors in logs, browser hangs and shows an empty page. > >> > Firefox outputs "Executing TLS-handshaking with vkc.krvostok.ru" on > the left bottom side. > >> > The "openssl s_client -connect vkc.krvostok.ru:5443" command > hangs also and outputs only one line: CONNECTED(00000003). > >> > Firewall is off, tcp-5443 port is listening on the OM host. > >> > > >> > Is there any roadmap of using selfsigned serfificates for OM? > >> > > >> > Best regards > >> > Nik > >> > > >> > -----Original Message----- > >> > From: Maxim Solodovnik [mailto:solomax...@gmail.com] > >> > Sent: Wednesday, August 16, 2017 7:23 AM > >> > To: Openmeetings user-list > >> > Subject: [ANNOUNCE] HTTPS is now required > >> > > >> > Hello All, > >> > > >> > Google developers are trying to move WWW to HTTPS To force this > transition they restrict features available to HTTP sites in > Chrome/Chromium Latest restriction is: Camera and microphone will not be > available to JS/Flash code for HTTP sites: proof: > >> > > >> > "Microphone and Camera access no longer works on insecure origins. To > use this feature, you should consider switching your application to a > secure origin, such as HTTPS. See https://goo.gl/rStTGz for more details." > >> > > >> > So please set up HTTPS for your OM site to prevent camera/microphone > issues. > >> > > >> > -- > >> > WBR > >> > Maxim aka solomax > >> > > >> > > >> > >> > >> > > > > > > > > -- > WBR > Maxim aka solomax >
