It would be great if Alvaro could add to existing tutorials SSL part using lets encryp.
At this time is mandatory for chrome and maybe would be for all browsers. El dom., 18 de mar. de 2018 9:59 PM, Maxim Solodovnik <solomax...@gmail.com> escribió: > Hello Anis, > > unfortunately I'm not maintaining OM tutorials. > I saw very detailed steps in user@ mailing list, you can use them as > tutorials :) > > > On Mon, Mar 19, 2018 at 10:56 AM, Anis Aliev <aliev.a...@gmail.com> wrote: > > Dear Maxim, > > > > Is it possible to make full tutorial including SSL configuration of OM? > or > > just update Tutorials with SSL ? For example with Lets Encrypt > > I think not only me but all community want it. > > > > Thanks! > > > > 2018-03-18 18:21 GMT+05:00 Maxim Solodovnik <solomax...@gmail.com>: > >> > >> I'm usually using `netstat -an|grep 5443` (never used nmap) > >> > >> According to your configs > >> jee-container.xml looks good > >> > >> keystore/trustsrore file/pass need to be set in red5.properties > >> It should match your actual keystore > >> > >> I wouls run red5.sh from console and check what is being printed > >> > >> On Sun, Mar 18, 2018 at 1:52 AM, Aaron Hepp <aaron.h...@gmail.com> > wrote: > >> > I have followed a few different guides on importing a cert into a > Tomcat > >> > installation from my cert provider as well from the OM site: > >> > > >> > https://openmeetings.apache.org/RTMPSAndHTTPS.html > >> > > >> > > >> > > https://helpdesk.ssls.com/hc/en-us/articles/203505171-How-to-install-a-SSL-certificate-on-a-Tomcat-server > >> > > >> > last portion you need to changed the XML file. For OM installation > you > >> > need > >> > to comment out the "Tomcat without SSL enabled" via <!-- --> and > remove > >> > them from "Tomcat with SSL enable" in /opt/om/conf/ jee-container.xml > >> > > >> > Saved all files and shutdown and restarted the red5 service. Do a > NMAP > >> > and > >> > still shows OM listening on 5080 and 1935. I have gone into the OM > >> > installation and changed flash.secure = true and restarted from there > >> > and > >> > still showing the listening on those ports. > >> > > >> > server:~# nmap localhost > >> > > >> > Starting Nmap 7.01 ( https://nmap.org ) at 2018-03-17 18:36 UTC > >> > Nmap scan report for localhost (127.0.0.1) > >> > Host is up (0.000027s latency). > >> > rDNS record for 127.0.0.1: localhost.localdomain > >> > Not shown: 995 closed ports > >> > PORT STATE SERVICE > >> > 22/tcp open ssh > >> > 1935/tcp open rtmp**** > >> > 3306/tcp open mysql > >> > 5080/tcp open onscreen**** > >> > 9999/tcp open abyss > >> > Nmap done: 1 IP address (1 host up) scanned in 0.13 seconds > >> > > >> > Is there other steps that need to be taken to get it to start > listening > >> > on > >> > 5443? I did notice the four entries below. Do I need to edit them > with > >> > my > >> > jks file locations and the password used to create or since client > auth > >> > is > >> > disabled that they are not needed? > >> > > >> > <entry > >> > key="keystoreFile" value="${rtmps.keystorefile}" /> > >> > <entry > >> > key="keystorePass" value="${rtmps.keystorepass}" /> > >> > <entry > >> > key="truststoreFile" value="${rtmps.truststorefile}" /> > >> > <entry > >> > key="truststorePass" value="${rtmps.truststorepass}" /> > >> > > >> > I have attached the xml file to make sure that is correct. Need to > get > >> > this > >> > moved over to SSL as the last browser to still support unsecured flash > >> > is > >> > Firefox, and from what I understand that will be removed in the next > >> > revision. > >> > > >> > > >> > > >> > > >> > >> > >> > >> -- > >> WBR > >> Maxim aka solomax > > > > > > > > > > -- > > > > IT Manager,e-learning specialist > > Skype:aliev_anis > > www.facebook.com/anis.aliev > > Тел:989010012 > > > > -- > WBR > Maxim aka solomax >
