You are proxying HTTPS request to HTTP server in this case you need to do one simple change, as described here [1]
[1] https://issues.apache.org/jira/browse/INFRA-14166?focusedCommentId=16049040&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-16049040 On Thu, Nov 23, 2017 at 6:17 AM, Hossein Dehghanpoor < hossein.dehghanp...@gmail.com> wrote: > ok maxim > > i forget to use https in that way. > > i used proxy reversed by apache (httpd) > > i setup ssl and it works. > > but there is a problem. > > [INFO] [http-nio-0.0.0.0-5080-exec-1] org.apache.wicket.protocol.http. > CsrfPreventionRequestCycleListener - Possible CSRF attack, request URL: > http://elearning.saba-co.net/ersa/wicket/bookmarkable/org. > apache.openmeetings.web.pages.auth.SignInPage;jsessionid= > 7399F24381E9299DF229D27AD4A034AF, Origin: https://elearning.saba-co.net, > action: aborted with error 400 Origin does not correspond to request > [INFO] [http-nio-0.0.0.0-5080-exec-3] org.apache.wicket.protocol.http. > CsrfPreventionRequestCycleListener - Possible CSRF attack, request URL: > http://elearning.saba-co.net/ersa/wicket/bookmarkable/org. > apache.openmeetings.web.pages.auth.SignInPage;jsessionid= > 7399F24381E9299DF229D27AD4A034AF, Origin: https://elearning.saba-co.net, > action: aborted with error 400 Origin does not correspond to request > [INFO] [http-nio-0.0.0.0-5080-exec-10] org.apache.wicket.protocol.http. > CsrfPreventionRequestCycleListener - Possible CSRF attack, request URL: > http://elearning.saba-co.net/ersa/wicket/bookmarkable/org. > apache.openmeetings.web.pages.auth.SignInPage;jsessionid= > 7399F24381E9299DF229D27AD4A034AF, Origin: https://elearning.saba-co.net, > action: aborted with error 400 Origin does not correspond to request > > > On Wed, Nov 22, 2017 at 10:20 PM, Hossein Dehghanpoor < > hossein.dehghanp...@gmail.com> wrote: > >> hola maxim >> i googled a lot and did some thing. >> >> here are my steps: >> 1- create key >> 2- create csr >> 3- request a CA to sign my csr >> 4- i got my crt files (*but CA gave me root certificate and Intermediate >> cert as one file* - so because of this i removed some parts of the >> commands ) >> 5- openssl pkcs12 -export -in red5.crt -inkey red5.key -out red5.p12 >> -name red5 -certfile root.crt (-certfile intermedXX.crt deleted) >> 6- keytool -importkeystore -srcstorepass XXX -srckeystore red5.p12 >> -srcstoretype PKCS12 -deststorepass XXX -destkeystore >> red5/conf/keystore.jks -alias red5 >> 7- keytool -import -alias root -keystore red5/conf/keystore.jks >> -trustcacerts -file root.crt >> 8- (keytool -import -alias intermed -keystore red5/conf/keystore.jks >> -trustcacerts -file intermedXX.crt - Deleted) >> 9- edited red5/conf/jee-container.xml >> 10- and server is listening on 443 >> but the connection got refused when i try to get https connection >> >> On Wed, Nov 22, 2017 at 6:13 AM, Maxim Solodovnik <solomax...@gmail.com> >> wrote: >> >>> You can google it :)) >>> Here are something to start from: https://www.sslshopper.c >>> om/article-most-common-openssl-commands.html >>> >>> On Wed, Nov 22, 2017 at 2:04 AM, Hossein Dehghanpoor < >>> hossein.dehghanp...@gmail.com> wrote: >>> >>>> hello maxim >>>> i have tried to setup self signed https on my om >>>> according to this link: >>>> https://openmeetings.apache.org/RTMPSAndHTTPS.html#Self-sign >>>> ed_certificate >>>> >>>> i need tow cert files and one key file, iam i right? >>>> so how can i generate ca.cert and red5.cert?? >>>> i got confused :)) >>>> >>>> >>>> and one thing more, can i integrate nginx and om? >>>> >>> >>> >>> >>> -- >>> WBR >>> Maxim aka solomax >>> >> >> > -- WBR Maxim aka solomax
