Not sure I understand your question :( We don't have much people for testing :( This is why I ask users to test using our demo ....
WBR, Maxim (from mobile, sorry for the typos) On Nov 25, 2017 02:43, "Hossein Dehghanpoor" <hossein.dehghanp...@gmail.com> wrote: > this is such a wow. > so hame you tested how much attendees need how much RAM or CPU core? > > On Nov 24, 2017 18:54, "Maxim Solodovnik" <solomax...@gmail.com> wrote: > >> 8x Core(TM) i7 CPU 950 @ 3.07GHz >> 24GB RAM >> ;) >> >> On Fri, Nov 24, 2017 at 6:32 PM, Hossein Dehghanpoor < >> hossein.dehghanp...@gmail.com> wrote: >> >>> i tired almost every thing to set ssl :)) >>> >>> that was really confusing... >>> >>> any way thank you.. >>> >>> >>> whats the hardware configuration for this server that you setup? -> >>> om.alteametasoft.com >>> it seems to be powerfull >>> >>> >>> On Fri, Nov 24, 2017 at 6:08 AM, Maxim Solodovnik <solomax...@gmail.com> >>> wrote: >>> >>>> great :) >>>> >>>> On Fri, Nov 24, 2017 at 2:54 AM, Hossein Dehghanpoor < >>>> hossein.dehghanp...@gmail.com> wrote: >>>> >>>>> OK maxim >>>>> it is solved and ok. >>>>> thank you >>>>> >>>>> On Thu, Nov 23, 2017 at 2:32 PM, Hossein Dehghanpoor < >>>>> hossein.dehghanp...@gmail.com> wrote: >>>>> >>>>>> this is mine httpd reverse proxy >>>>>> >>>>>> <IfModule mod_ssl.c> >>>>>> #NameVirtualHost *:443 >>>>>> ProxyRequests Off >>>>>> <VirtualHost *:80> >>>>>> ServerAdmin i...@saba-co.net >>>>>> ServerName elearning.saba-co.net >>>>>> ProxyPreserveHost On >>>>>> RewriteEngine on >>>>>> #CacheDisable "https://elearning.saba-co.net/"; >>>>>> # Redirect http traffic to https >>>>>> RewriteRule ^/(.*) https://elearning.saba-co.net/$1 [L,R] >>>>>> </VirtualHost> >>>>>> <VirtualHost *:443> >>>>>> ServerAdmin i...@saba-co.net >>>>>> ServerName elearning.saba-co.net >>>>>> SSLEngine on >>>>>> SSLProxyEngine On >>>>>> RequestHeader set Front-End-Https "On" >>>>>> ProxyPreserveHost On >>>>>> RewriteEngine on >>>>>> CacheDisable "http://elearning.saba-co.net/"; >>>>>> #Reverse proxy all requests >>>>>> RewriteRule ^/(.*) http://elearning.saba-co.net:5080/ersa/$1 [P] >>>>>> SSLCertificateFile /etc/pki/tls/certs/Cert_bundle.crt >>>>>> SSLCertificateKeyFile /etc/pki/tls/private/server.key >>>>>> SetEnvIf User-Agent ".*MSIE.*" \ >>>>>> nokeepalive ssl-unclean-shutdown \ >>>>>> downgrade-1.0 force-response-1.0 >>>>>> </VirtualHost> >>>>>> </IfModule> >>>>>> >>>>>> On Thu, Nov 23, 2017 at 2:31 PM, Hossein Dehghanpoor < >>>>>> hossein.dehghanp...@gmail.com> wrote: >>>>>> >>>>>>> i think that the problem is in reversed proxy.. >>>>>>> >>>>>>> can any one help me to solve this issue? >>>>>>> >>>>>>> >>>>>>> On Thu, Nov 23, 2017 at 2:23 PM, Hossein Dehghanpoor < >>>>>>> hossein.dehghanp...@gmail.com> wrote: >>>>>>> >>>>>>>> the only logs that i see are these: >>>>>>>> >>>>>>>> >>>>>>>> DEBUG 11-23 05:53:09.781 722725 42 o.a.o.d.u.AuthLevelUtil >>>>>>>> [0.0-5080-exec-4] - Level Admin :: [GRANTED] >>>>>>>> DEBUG 11-23 05:53:10.190 723134 74 o.a.o.d.d.s.LdapConfigDao >>>>>>>> [0.0-5080-exec-3] - getActiveLdapConfigs >>>>>>>> >>>>>>>> >>>>>>>> On Thu, Nov 23, 2017 at 2:22 PM, Hossein Dehghanpoor < >>>>>>>> hossein.dehghanp...@gmail.com> wrote: >>>>>>>> >>>>>>>>> sorry there were two <property name="connectionProperties">. >>>>>>>>> >>>>>>>>> that problem is ok. >>>>>>>>> >>>>>>>>> but another thing happen :(( >>>>>>>>> >>>>>>>>> that error does not occure any more, but when i try to login, >>>>>>>>> nothing happen and the page just gets refreshed.. >>>>>>>>> >>>>>>>>> >>>>>>>>> On Thu, Nov 23, 2017 at 2:06 PM, Hossein Dehghanpoor < >>>>>>>>> hossein.dehghanp...@gmail.com> wrote: >>>>>>>>> >>>>>>>>>> yes. right now im using reversed proxy by httpd. the problem >>>>>>>>>> which now im facing, is i can not get login and this is the log. >>>>>>>>>> >>>>>>>>>> [INFO] [http-nio-0.0.0.0-5080-exec-1] >>>>>>>>>> org.apache.wicket.protocol.http.CsrfPreventionRequestCycleListener >>>>>>>>>> - Possible CSRF attack, request URL: http://elearning.saba-co. >>>>>>>>>> net/ersa/wicket/bookmarkable/org.apache.openmeetings.web.pag >>>>>>>>>> es.auth.SignInPage;jsessionid=7399F24381E9299DF229D27AD4A034AF, >>>>>>>>>> Origin: https://elearning.saba-co.net, action: aborted with >>>>>>>>>> error 400 Origin does not correspond to request >>>>>>>>>> [INFO] [http-nio-0.0.0.0-5080-exec-3] >>>>>>>>>> org.apache.wicket.protocol.http.CsrfPreventionRequestCycleListener >>>>>>>>>> - Possible CSRF attack, request URL: http://elearning.saba-co. >>>>>>>>>> net/ersa/wicket/bookmarkable/org.apache.openmeetings.web.pag >>>>>>>>>> es.auth.SignInPage;jsessionid=7399F24381E9299DF229D27AD4A034AF, >>>>>>>>>> Origin: https://elearning.saba-co.net, action: aborted with >>>>>>>>>> error 400 Origin does not correspond to request >>>>>>>>>> [INFO] [http-nio-0.0.0.0-5080-exec-10] >>>>>>>>>> org.apache.wicket.protocol.http.CsrfPreventionRequestCycleListener >>>>>>>>>> - Possible CSRF attack, request URL: http://elearning.saba-co. >>>>>>>>>> net/ersa/wicket/bookmarkable/org.apache.openmeetings.web.pag >>>>>>>>>> es.auth.SignInPage;jsessionid=7399F24381E9299DF229D27AD4A034AF, >>>>>>>>>> Origin: https://elearning.saba-co.net, action: aborted with >>>>>>>>>> error 400 Origin does not correspond to request >>>>>>>>>> >>>>>>>>>> On Thu, Nov 23, 2017 at 1:08 PM, Maxim Solodovnik < >>>>>>>>>> solomax...@gmail.com> wrote: >>>>>>>>>> >>>>>>>>>>> You wrote before: "i used proxy reversed by apache (httpd)" Is >>>>>>>>>>> this the case? >>>>>>>>>>> >>>>>>>>>>> On Thu, Nov 23, 2017 at 2:14 PM, Hossein Dehghanpoor < >>>>>>>>>>> hossein.dehghanp...@gmail.com> wrote: >>>>>>>>>>> >>>>>>>>>>>> Hello Maxim >>>>>>>>>>>> I have checked that. >>>>>>>>>>>> it is said that: add '<property name="secure" value="true" >>>>>>>>>>>> />' to ../conf/jee-container.xml right before '<property >>>>>>>>>>>> name="connectionProperties">' >>>>>>>>>>>> but this value, exists in "jee-container.xml" and the problem still >>>>>>>>>>>> exists. >>>>>>>>>>>> >>>>>>>>>>>> do any thing else should i do? >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> On Thu, Nov 23, 2017 at 10:04 AM, Hossein Dehghanpoor < >>>>>>>>>>>> hossein.dehghanp...@gmail.com> wrote: >>>>>>>>>>>> >>>>>>>>>>>>> Hello Dear Maxim, >>>>>>>>>>>>> Ok thank you. i will check that >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> On Thu, Nov 23, 2017 at 10:04 AM, Hossein Dehghanpoor < >>>>>>>>>>>>> hossein.dehghanp...@gmail.com> wrote: >>>>>>>>>>>>> >>>>>>>>>>>>>> *Hello Dear Yakovlev,* >>>>>>>>>>>>>> *Yes I done that.* >>>>>>>>>>>>>> *as i checked the logs, OM says that keystore is not found.* >>>>>>>>>>>>>> >>>>>>>>>>>>>> On Thu, Nov 23, 2017 at 8:45 AM, Yakovlev N. < >>>>>>>>>>>>>> yakovlev...@krvostok.ru> wrote: >>>>>>>>>>>>>> >>>>>>>>>>>>>>> Hello Hossein, >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> did you change passwords in ../red5/conf/red5.properties: >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> rtmps.keystorepass=... >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> rtmps.truststorepass=... >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> jmx.keystorepass=... >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> ? >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Ones must be the same you entered by the keytool command. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Nik >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> *From:* Hossein Dehghanpoor [mailto:hossein.dehghanpoor@gm >>>>>>>>>>>>>>> ail.com] >>>>>>>>>>>>>>> *Sent:* Wednesday, November 22, 2017 9:51 PM >>>>>>>>>>>>>>> *To:* Openmeetings user-list >>>>>>>>>>>>>>> *Subject:* Re: self signed https problem >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> hola maxim >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> i googled a lot and did some thing. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> here are my steps: >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> 1- create key >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> 2- create csr >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> 3- request a CA to sign my csr >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> 4- i got my crt files (*but CA gave me root certificate and >>>>>>>>>>>>>>> Intermediate cert as one file* - so because of this i >>>>>>>>>>>>>>> removed some parts of the commands ) >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> 5- openssl pkcs12 -export -in red5.crt -inkey red5.key -out >>>>>>>>>>>>>>> red5.p12 -name red5 -certfile root.crt (-certfile >>>>>>>>>>>>>>> intermedXX.crt deleted) >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> 6- keytool -importkeystore -srcstorepass XXX -srckeystore >>>>>>>>>>>>>>> red5.p12 -srcstoretype PKCS12 -deststorepass XXX -destkeystore >>>>>>>>>>>>>>> red5/conf/keystore.jks -alias red5 >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> 7- keytool -import -alias root -keystore >>>>>>>>>>>>>>> red5/conf/keystore.jks -trustcacerts -file root.crt >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> 8- (keytool -import -alias intermed -keystore >>>>>>>>>>>>>>> red5/conf/keystore.jks -trustcacerts -file intermedXX.crt - >>>>>>>>>>>>>>> Deleted) >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> 9- edited red5/conf/jee-container.xml >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> 10- and server is listening on 443 >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> but the connection got refused when i try to get https >>>>>>>>>>>>>>> connection >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> On Wed, Nov 22, 2017 at 6:13 AM, Maxim Solodovnik < >>>>>>>>>>>>>>> solomax...@gmail.com> wrote: >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> You can google it :)) >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Here are something to start from: https://www.sslshopper.c >>>>>>>>>>>>>>> om/article-most-common-openssl-commands.html >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> On Wed, Nov 22, 2017 at 2:04 AM, Hossein Dehghanpoor < >>>>>>>>>>>>>>> hossein.dehghanp...@gmail.com> wrote: >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> hello maxim >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> i have tried to setup self signed https on my om >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> according to this link: >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> https://openmeetings.apache.org/RTMPSAndHTTPS.html#Self-sign >>>>>>>>>>>>>>> ed_certificate >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> i need tow cert files and one key file, iam i right? >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> so how can i generate ca.cert and red5.cert?? >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> i got confused :)) >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> and one thing more, can i integrate nginx and om? >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> WBR >>>>>>>>>>>>>>> Maxim aka solomax >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> WBR >>>>>>>>>>> Maxim aka solomax >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>> >>>>>> >>>>> >>>> >>>> >>>> -- >>>> WBR >>>> Maxim aka solomax >>>> >>> >>> >> >> >> -- >> WBR >> Maxim aka solomax >> >
