oh my god .. i saw my mistake ... i was watching some other file ...
Sorry .... sorry .. sorry ... 2017-08-16 14:38 GMT-05:00 Ramón Zárate Moedano <[email protected]>: > Hello again. > > Well i am trying to run OM using a Comodo SSL > > I am doing the "step by step" tutorial found here > > http://openmeetings.apache.org/RTMPSAndHTTPS.html > > The situation is that this part says ... > SSL for the web interface > > Please perform following steps if you want to use SSL for the web > interface. This is mainly to secure the server against MITM attacks, > additionally some other features like file uploads also use a plain HTTP > connection if this is not done. The following instructions assume that you > have already set up RTMPS successfully. > > 1. Edit red5/conf/jee-container.xml file: > Comment Tomcat without SSL enabled section > UNComment Tomcat with SSL enabled section > > > and my jee-container.xml file has ... > > <?xml version="1.0" encoding="UTF-8"?> > <beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xmlns="http://www.springframework.org/schema/beans"; > xsi:schemaLocation="http://www.springframework.org/schema/beans > http://www.springframework.org/schema/beans/spring-beans.xsd"; > > > <!-- > This file should be replaced by the container configuration file that you > have selected > If no JEE container is selected, some JEE features will not be available > such as Servlets or JSP's. > Go to this link for more information: https://github.com/Red5/red5- > server/wiki/JEEContainerPlugins > --> > > </beans> > > Any ideas??? > > Thanks > > 2017-08-16 9:51 GMT-05:00 Maxim Solodovnik <[email protected]>: > >> Hello Nik, >> >> I'm trying to answer all emails, sorry if I missed yours :( >> To make self-signed certificate work with red5 you MUST >> 1) add certificate to trusted certs of Java >> 2) add certificate to trusted certs of browser (icon should be green) >> 3) correctly create red5 keystore/truststore >> >> to provide thurther help I need you detailed steps >> >> On Wed, Aug 16, 2017 at 8:30 PM, Yakovlev N. <[email protected]> >> wrote: >> > Hi Andreas, >> > OK, your opinion is your opinion and I respect it. >> > We speak about an internal OM service but not about the world one... >> > I understand the trusted certificates are more preferable but in my >> case unnecessary I think. >> > I'm not sure blacklists are my cases... >> > >> > Nik >> > >> > -----Original Message----- >> > From: [email protected] [mailto:[email protected]] >> > Sent: Wednesday, August 16, 2017 4:18 PM >> > To: [email protected] >> > Subject: Re: [ANNOUNCE] HTTPS is now required >> > >> > Hi Nik, >> > >> > sorry - I cannot agree to your "I cannot agree". Most email client >> programs do check certificates and deny connections if certificate is not >> trusted. May be 5% will work - but 95% will not (and tomorrow percentage is >> higher than today). I can not recommend to use any self-signed certificate >> (except for internal tasks). Additionally maybe you are added to blacklists >> if you are "on the air" using a self-signed certificate. >> > >> > Best regards >> > Andreas >> > >> > Am Mittwoch, 16. August 2017, 16:01:52 CEST schrieb Yakovlev N.: >> >> I don't agree. >> >> I use selfsigned certiticates on other corporate services successfully >> (mail, cloud and so on). >> >> Yes, browsers ask questions but this is no problem. In this case such >> certificates must be added as trusted ones. >> >> >> >> Nik >> >> >> >> -----Original Message----- >> >> From: [email protected] [mailto:[email protected]] >> >> Sent: Wednesday, August 16, 2017 3:44 PM >> >> To: [email protected] >> >> Subject: Re: [ANNOUNCE] HTTPS is now required >> >> >> >> Self-signed will not be accepted by most browsers and will not work. >> The goal of SSL *IS THE POSSIBILITY OF VERIFICATION OF THE PAGE OWNER*... >> >> >> >> Try certificates from lets encrypt - they are free ;) >> >> >> >> Best regards >> >> Andreas >> >> >> >> Am Mittwoch, 16. August 2017, 15:25:17 CEST schrieb Yakovlev N.: >> >> > Hi, Maxim! >> >> > I have some problems with SSL and no ideas to solve them. >> >> > Five months ago I asked community how to install SSL on OM but >> nobody answered. >> >> > (http://mail-archives.apache.org/mod_mbox/openmeetings-user/ >> 201703.mbox/browser Subject: SSL with OM Date Mon, 20 Mar 2017 >> 08:30:40 GMT ) >> >> > The manual listed on page http://openmeetings.apache.org >> /RTMPSAndHTTPS.html did not help me. >> >> > No any errors in logs, browser hangs and shows an empty page. >> >> > Firefox outputs "Executing TLS-handshaking with vkc.krvostok.ru" on >> the left bottom side. >> >> > The "openssl s_client -connect vkc.krvostok.ru:5443" command >> hangs also and outputs only one line: CONNECTED(00000003). >> >> > Firewall is off, tcp-5443 port is listening on the OM host. >> >> > >> >> > Is there any roadmap of using selfsigned serfificates for OM? >> >> > >> >> > Best regards >> >> > Nik >> >> > >> >> > -----Original Message----- >> >> > From: Maxim Solodovnik [mailto:[email protected]] >> >> > Sent: Wednesday, August 16, 2017 7:23 AM >> >> > To: Openmeetings user-list >> >> > Subject: [ANNOUNCE] HTTPS is now required >> >> > >> >> > Hello All, >> >> > >> >> > Google developers are trying to move WWW to HTTPS To force this >> transition they restrict features available to HTTP sites in >> Chrome/Chromium Latest restriction is: Camera and microphone will not be >> available to JS/Flash code for HTTP sites: proof: >> >> > >> >> > "Microphone and Camera access no longer works on insecure origins. >> To use this feature, you should consider switching your application to a >> secure origin, such as HTTPS. See https://goo.gl/rStTGz for more >> details." >> >> > >> >> > So please set up HTTPS for your OM site to prevent camera/microphone >> issues. >> >> > >> >> > -- >> >> > WBR >> >> > Maxim aka solomax >> >> > >> >> > >> >> >> >> >> >> >> > >> > >> >> >> >> -- >> WBR >> Maxim aka solomax >> > >
