Thank you for the info but still no luck, I don't understand why SSL works just fine but RTMPS doesn't.
Regards, On Wed, Feb 25, 2015 at 5:33 PM, Lionel Djeukam <lio.djoma...@gmail.com> wrote: > Hello all, > > for me it worked after adding my self-Signed Certificate as Trusted CA for > my System (I used a windows 7/8.1 Client). > To make this i just export my certificate from the start-page of AOM and > then made the following: > > - Right click on the certificate > - Choose Install > - Choose the option to install the certificate in a specific directory > - Navigate and select the second one. (Trusted CA) > - You should receive a pop up asking you to validate the process. > > The steps above worked perfectly for all windows machines. > Under Ubuntu i made the same, by following this: > http://blog.tkassembled.com/410/adding-a-certificate-authority-to-the-trusted-list-in-ubuntu/ > .But there is still the same mistake. > > Actually i didn't used JVM at all. > > > 2015-02-25 19:43 GMT+01:00 OpenAr-IT Soluciones <opena...@gmail.com>: > >> Hi Maxim, >> >> Sorry but I still don't get it. I've got the keystore/truststore in conf >> directory (directory created when unzipping apache-openmeetings-3.0.4.zip) >> and configured in red5.properties. Where can I find the JVM own >> keystore/truststore? Do you mean the cacerts found in java/lib/security? >> >> Thanks, >> >> On Wed, Feb 25, 2015 at 1:02 AM, Maxim Solodovnik <solomax...@gmail.com> >> wrote: >> >>> your server JVM has its own keystore/truststore >>> you need to add your certificate into it >>> >>> On Wed, Feb 25, 2015 at 12:45 AM, OpenAr-IT Soluciones < >>> opena...@gmail.com> wrote: >>> >>>> Hi Maxim, what do you mean by "you need to add your certificate to the >>>> trusted certificates of your server JVM"?. I have the same issue as Lionel. >>>> >>>> Lionel, what did you do exactly? >>>> >>>> >>>> Thanks in advance. >>>> >>>> >>>> >>>> On Wed, Feb 4, 2015 at 1:45 PM, Maxim Solodovnik <solomax...@gmail.com> >>>> wrote: >>>> >>>>> you need to add your certificate to the trusted certificates of your >>>>> server JVM >>>>> >>>>> On Wed, Feb 4, 2015 at 10:40 PM, Lionel Djeukam < >>>>> lio.djoma...@gmail.com> wrote: >>>>> >>>>>> Ok, that's what i observed: >>>>>> First of all, my certificate was added as expected in the trusted >>>>>> list on the server side, therefore the following lines: >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> *"adding as trusted cert: Subject: CN=139.6.237.96, >>>>>> OU=Informationssicherheit, O=FH-Koeln, L=Koeln, ST=NRW, C=DE Issuer: >>>>>> CN=139.6.237.96, OU=Informationssicherheit, O=FH-Koeln, L=Koeln, ST=NRW, >>>>>> C=DE Algorithm: RSA; Serial number: 0x21787fbf Valid from Wed Feb 04 >>>>>> 15:06:08 CET 2015 until Sat Jan 30 15:06:08 CET 201*6 >>>>>> ... >>>>>> ... " >>>>>> >>>>>> Second, during the TLS-Handshake, it seems like there is a problem >>>>>> with my certificate on the client side >>>>>> which followed to a fatal error: >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> *"NioProcessor-21, READ: TLSv1 Alert, length = 2NioProcessor-21, RECV >>>>>> TLSv1 ALERT: fatal, bad_certificateNioProcessor-21, fatal: engine >>>>>> already >>>>>> closed. Rethrowing javax.net.ssl.SSLException: Received fatal alert: >>>>>> bad_certificateNioProcessor-21, fatal: engine already closed. Rethrowing >>>>>> javax.net.ssl.SSLException: Received fatal alert: bad_certificate"* >>>>>> >>>>>> Should i do anythings else than just add an exception for my >>>>>> certificate on the client side? >>>>>> >>>>>> >>>>>> 2015-02-04 17:18 GMT+01:00 Maxim Solodovnik <solomax...@gmail.com>: >>>>>> >>>>>>> not sure what is wrong :(( >>>>>>> >>>>>>> you need to call >>>>>>> sudo /etc/init.d/red5 stop >>>>>>> >>>>>>> then open ./red5-debug.sh add -Djavax.net.debug=all to the JAVA_OPTS >>>>>>> then start ./red5-debug.sh from the console >>>>>>> >>>>>>> On Wed, Feb 4, 2015 at 10:09 PM, Lionel Djeukam < >>>>>>> lio.djoma...@gmail.com> wrote: >>>>>>> >>>>>>>> That's realy strange because i did exactly what is content there: >>>>>>>> http://openmeetings.apache.org/RTMPSAndHTTPS.html >>>>>>>> >>>>>>>> The only thing i did not make is to close the port 1935. Is it >>>>>>>> mandotory? Should i just comment his line in the file red5.properties? >>>>>>>> >>>>>>>> A part from that i made what you adviced in the last mail. I >>>>>>>> started the server as follow: >>>>>>>> sudo /etc/init.d/red5 start -Djavax.net.debug=all >>>>>>>> >>>>>>>> and by executing "./red5-debug.sh" it does act as a normal command, >>>>>>>> since i could not observe what append when trying to enter to the room >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> 2015-02-04 16:44 GMT+01:00 Maxim Solodovnik <solomax...@gmail.com>: >>>>>>>> >>>>>>>>> It seems like you set up HTTPS but not RTMPS :( >>>>>>>>> can you start red5 manually with this additional option: >>>>>>>>> *-Djavax.net.debug=all* >>>>>>>>> >>>>>>>>> *then run ./red5-debug.sh and check the console while entering the >>>>>>>>> room* >>>>>>>>> >>>>>>>>> On Wed, Feb 4, 2015 at 9:39 PM, Lionel Djeukam < >>>>>>>>> lio.djoma...@gmail.com> wrote: >>>>>>>>> >>>>>>>>>> Hello, >>>>>>>>>> i think i enjoyed to early :( >>>>>>>>>> After configuring the server for HTTPs and RTMPs, i could finaly >>>>>>>>>> connect to the https-page of my server. Then when a lauch a >>>>>>>>>> conference, i >>>>>>>>>> became the three mistakes in the subject field of this mail. >>>>>>>>>> >>>>>>>>>> I already had exeption to my Browser to recognise the certificate >>>>>>>>>> as trusted-part. >>>>>>>>>> >>>>>>>>>> What could i do now? >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> Master Student Communication systems and Network >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> WBR >>>>>>>>> Maxim aka solomax >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> WBR >>>>>>> Maxim aka solomax >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> WBR >>>>> Maxim aka solomax >>>>> >>>> >>>> >>> >>> >>> -- >>> WBR >>> Maxim aka solomax >>> >> >> > > > -- > Lionel >
