Re: How to use letsencrypt with OpenMeetings for RTMPS/HTTPS connection

Wed, 18 Oct 2017 05:23:09 -0700 

Thanks for sharing!

steps 1-5 need to be repeated, BUT they are simple and you can create
script for this :)))

On Wed, Oct 18, 2017 at 6:38 PM, Jacob Wenzel <j...@energiakademiet.dk> wrote:

> Hi all!
>
> I had a few problems with translating the RTMPS/HTTPS guide
> <https://openmeetings.apache.org/RTMPSAndHTTPS.html#Create_Keystore_using_existing_key-pair>
> for use with letsencrypt certificates due to different file names, so I
> documented the process for my own memory and anyone interested can see or
> follow the steps below to get a working RTMPS/HTTPS setup for OpenMeetings.
>
> *But what happens when my certificates are renewed?* Will I have to
> repeat steps 1 - 5 every time? If yes then I with try to create a bash
> script that automates the process.
>
> --------------------------------------
> RTMPS/HTTPS in OpenMeetings with letsencrypt (Replace [OM server FQDN]
> with your actual OpenMeetings FQDN)
>
>    1. cd to your red5 install dir
>    2.
>
>    Export existing keys into PKCS12 format:
>
>    openssl pkcs12 -export -in /etc/letsencrypt/live/[OM server FQDN]/cert.pem 
> -inkey /etc/letsencrypt/live/[OM server FQDN]/privkey.pem -out red5.p12 -name 
> red5 -certfile /etc/letsencrypt/live/[OM server FQDN]/chain.pem
>
>    Enter Export Password: password
>    Verifying - Enter Export Password: password
>
>    3.
>
>    Import resulting red5.p12 into keystore:
>
>    keytool -importkeystore -srcstorepass password -srckeystore red5.p12
>    -srcstoretype PKCS12 -deststorepass password -destkeystore keystore.jks
>    -alias red5
>    4.
>
>    Import your letsencrypt certificate into the keystore
>
>    keytool -import -alias root -keystore keystore.jks -trustcacerts -file
>    /etc/letsencrypt/live/[OM server FQDN]/chain.pem
>    5.
>
>    Copy keystore to truststore
>
>    cp keystore.jks trustscore.jks
>    SSL for the web interface and Tunneling RTMPS
>    6. Edit ./jee-container.xml file
>    - Comment Tomcat without SSL enabled section
>    - UNComment Tomcat with SSL enabled section
>    7.
>
>    Edit ../webapps/openmeetings/public/config.xml and set
>
>    <protocol>https</protocol>
>    <red5httpport>5443</red5httpport>
>    <rtmpsslport>5443</rtmpsslport>
>    <useSSL>yes</useSSL>
>    <proxyType>none</proxyType>
>
>    8.
>
>    Restart red5 service (or reboot)
>    9. Visit https://[OM server FQDN]:5443 in your browser and sign in.
>    - Go to Administration > Configuration and set application.base.url to
>    https://https://[OM server FQDN]:5443/openmeetings/
>
> --
>
> *Med venlig hilsen/Best regards*
>
>
> *JACOB WENZEL Projektleder*
>
> *ENERGIAKADEMIET*
> Strandengen 1
> <https://maps.google.com/?q=Strandengen+1+%0D+8305+SAMS%C3%98&entry=gmail&source=g>
> 8305 SAMSØ
> +45 60 61 15 97
> j...@energiakademiet.dk
> www.energiakademiet.dk <http://energiakademiet.dk>
>



-- 
WBR
Maxim aka solomax

Reply via email to