yes. right now im using reversed proxy by httpd. the problem which now im facing, is i can not get login and this is the log.
[INFO] [http-nio-0.0.0.0-5080-exec-1] org.apache.wicket.protocol.http. CsrfPreventionRequestCycleListener - Possible CSRF attack, request URL: http://elearning.saba-co.net/ersa/wicket/bookmarkable/org. apache.openmeetings.web.pages.auth.SignInPage;jsessionid= 7399F24381E9299DF229D27AD4A034AF, Origin: https://elearning.saba-co.net, action: aborted with error 400 Origin does not correspond to request [INFO] [http-nio-0.0.0.0-5080-exec-3] org.apache.wicket.protocol.http. CsrfPreventionRequestCycleListener - Possible CSRF attack, request URL: http://elearning.saba-co.net/ersa/wicket/bookmarkable/org. apache.openmeetings.web.pages.auth.SignInPage;jsessionid= 7399F24381E9299DF229D27AD4A034AF, Origin: https://elearning.saba-co.net, action: aborted with error 400 Origin does not correspond to request [INFO] [http-nio-0.0.0.0-5080-exec-10] org.apache.wicket.protocol.http. CsrfPreventionRequestCycleListener - Possible CSRF attack, request URL: http://elearning.saba-co.net/ersa/wicket/bookmarkable/org. apache.openmeetings.web.pages.auth.SignInPage;jsessionid= 7399F24381E9299DF229D27AD4A034AF, Origin: https://elearning.saba-co.net, action: aborted with error 400 Origin does not correspond to request On Thu, Nov 23, 2017 at 1:08 PM, Maxim Solodovnik <solomax...@gmail.com> wrote: > You wrote before: "i used proxy reversed by apache (httpd)" Is this the > case? > > On Thu, Nov 23, 2017 at 2:14 PM, Hossein Dehghanpoor < > hossein.dehghanp...@gmail.com> wrote: > >> Hello Maxim >> I have checked that. >> it is said that: add '<property name="secure" value="true" />' to >> ../conf/jee-container.xml right before '<property >> name="connectionProperties">' >> but this value, exists in "jee-container.xml" and the problem still >> exists. >> >> do any thing else should i do? >> >> >> On Thu, Nov 23, 2017 at 10:04 AM, Hossein Dehghanpoor < >> hossein.dehghanp...@gmail.com> wrote: >> >>> Hello Dear Maxim, >>> Ok thank you. i will check that >>> >>> >>> On Thu, Nov 23, 2017 at 10:04 AM, Hossein Dehghanpoor < >>> hossein.dehghanp...@gmail.com> wrote: >>> >>>> *Hello Dear Yakovlev,* >>>> *Yes I done that.* >>>> *as i checked the logs, OM says that keystore is not found.* >>>> >>>> On Thu, Nov 23, 2017 at 8:45 AM, Yakovlev N. <yakovlev...@krvostok.ru> >>>> wrote: >>>> >>>>> Hello Hossein, >>>>> >>>>> did you change passwords in ../red5/conf/red5.properties: >>>>> >>>>> rtmps.keystorepass=... >>>>> >>>>> rtmps.truststorepass=... >>>>> >>>>> jmx.keystorepass=... >>>>> >>>>> ? >>>>> >>>>> Ones must be the same you entered by the keytool command. >>>>> >>>>> >>>>> >>>>> Nik >>>>> >>>>> >>>>> >>>>> *From:* Hossein Dehghanpoor [mailto:hossein.dehghanp...@gmail.com] >>>>> *Sent:* Wednesday, November 22, 2017 9:51 PM >>>>> *To:* Openmeetings user-list >>>>> *Subject:* Re: self signed https problem >>>>> >>>>> >>>>> >>>>> hola maxim >>>>> >>>>> i googled a lot and did some thing. >>>>> >>>>> >>>>> >>>>> here are my steps: >>>>> >>>>> 1- create key >>>>> >>>>> 2- create csr >>>>> >>>>> 3- request a CA to sign my csr >>>>> >>>>> 4- i got my crt files (*but CA gave me root certificate and >>>>> Intermediate cert as one file* - so because of this i removed some >>>>> parts of the commands ) >>>>> >>>>> 5- openssl pkcs12 -export -in red5.crt -inkey red5.key -out red5.p12 >>>>> -name red5 -certfile root.crt (-certfile intermedXX.crt deleted) >>>>> >>>>> 6- keytool -importkeystore -srcstorepass XXX -srckeystore red5.p12 >>>>> -srcstoretype PKCS12 -deststorepass XXX -destkeystore >>>>> red5/conf/keystore.jks -alias red5 >>>>> >>>>> 7- keytool -import -alias root -keystore red5/conf/keystore.jks >>>>> -trustcacerts -file root.crt >>>>> >>>>> 8- (keytool -import -alias intermed -keystore red5/conf/keystore.jks >>>>> -trustcacerts -file intermedXX.crt - Deleted) >>>>> >>>>> 9- edited red5/conf/jee-container.xml >>>>> >>>>> 10- and server is listening on 443 >>>>> >>>>> but the connection got refused when i try to get https connection >>>>> >>>>> >>>>> >>>>> On Wed, Nov 22, 2017 at 6:13 AM, Maxim Solodovnik < >>>>> solomax...@gmail.com> wrote: >>>>> >>>>> You can google it :)) >>>>> >>>>> Here are something to start from: https://www.sslshopper.c >>>>> om/article-most-common-openssl-commands.html >>>>> >>>>> >>>>> >>>>> On Wed, Nov 22, 2017 at 2:04 AM, Hossein Dehghanpoor < >>>>> hossein.dehghanp...@gmail.com> wrote: >>>>> >>>>> hello maxim >>>>> >>>>> i have tried to setup self signed https on my om >>>>> >>>>> according to this link: >>>>> >>>>> https://openmeetings.apache.org/RTMPSAndHTTPS.html#Self-sign >>>>> ed_certificate >>>>> >>>>> >>>>> >>>>> i need tow cert files and one key file, iam i right? >>>>> >>>>> so how can i generate ca.cert and red5.cert?? >>>>> >>>>> i got confused :)) >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> and one thing more, can i integrate nginx and om? >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> >>>>> WBR >>>>> Maxim aka solomax >>>>> >>>>> >>>>> >>>> >>>> >>> >> > > > -- > WBR > Maxim aka solomax >
