I do all by this instruction <http://openmeetings.apache.org/RTMPSAndHTTPS.html#Steps_for_OM_server> http://openmeetings.apache.org/RTMPSAndHTTPS.html#Steps_for_OM_server except create in the beginning red5.key and red5.crt.
In instruction error on this command: keytool -import -alias root -keystore /opt/red5401/conf/keystore.jks -keystorepass password -trustcacerts -file red5.crt Error: illegal option: -keystorepass In documentation https://docs.oracle.com/javase/6/docs/technotes/tools/windows/keytool.html not exist that option so <http://openmeetings.apache.org/RTMPSAndHTTPS.html#Steps_for_OM_server> http://openmeetings.apache.org/RTMPSAndHTTPS.html#Steps_for_OM_server is not can’t be used, not relevant. ------------------- С уважением, Андрей Прицепов “Лаборатория Форт Крым” From: Maxim Solodovnik [mailto:solomax...@gmail.com] Sent: Friday, December 29, 2017 11:12 AM To: Openmeetings user-list Subject: Re: Configure https on centos7 Please read documentation [1] and use search before asking questions According to the steps from [2] "-srcstorepass changeit" this means "red5.p12" MUST have password "changeit" [1] https://docs.oracle.com/javase/6/docs/technotes/tools/windows/keytool.html [2] http://openmeetings.apache.org/RTMPSAndHTTPS.html#Steps_for_OM_server On Fri, Dec 29, 2017 at 3:07 PM, Андрей Прицепов <p.and...@fort.crimea.com> wrote: Ø The idea here is… I can’t do this idea in practice, something doing not right. I create red5.crt and red5.p12 but keystore.jks can’t create. Not enough information in instruction to do this fast step-by-step. Later I will have ‘real’ certificate. Ø At the moment you are starting #3 above there should be NO keystore.jks, you already have renamed it to *.bak (prerequisite) What means #3? I renamed them, but *jks wasn’t there in the beginning was *jmx. Ø Finally you are renaming passwords, they MUST match So when I do command “openssl req -x509 -nodes -days 99999 -newkey rsa:2048 -keyout /opt/prytsepov/red5.key -out /opt/prytsepov/red5.crt” I enter “jmx.keystorepass=password” when it ask me enter password. If like that I still have this error. ------------------- С уважением, Андрей Прицепов “Лаборатория Форт Крым” From: Maxim Solodovnik [mailto:solomax...@gmail.com] Sent: Friday, December 29, 2017 10:27 AM To: Openmeetings user-list Subject: Re: Configure https on centos7 The idea here is 1) you are creating self-signed certificate (prerequisite) -> red5.crt 2) you are signing red5.crt with your fake CA (step 1) -> red5.p12 3) you are creating keystore based on signed red5.p12 -> keystore.jks At the moment you are starting #3 above there should be NO keystore.jks, you already have renamed it to *.bak (prerequisite) Finally you are renaming passwords, they MUST match On Fri, Dec 29, 2017 at 1:25 PM, Андрей Прицепов <p.and...@fort.crimea.com> wrote: Its standard, line “jmx.keystorepass=password” ------------------- С уважением, Андрей Прицепов “Лаборатория Форт Крым” From: Yakovlev N. [mailto:yakovlev...@krvostok.ru] Sent: Friday, December 29, 2017 7:51 AM To: user@openmeetings.apache.org Subject: RE: Configure https on centos7 which passwords do you use in red5/conf/red5.properties ? From: Андрей Прицепов [mailto:p.and...@fort.crimea.com] Sent: Thursday, December 28, 2017 5:36 PM To: user@openmeetings.apache.org Subject: Configure https on centos7 Use this instruction http://openmeetings.apache.org/RTMPSAndHTTPS.html . For beginning I configure self-signed certificate. Not all in instruction was wrote, so what I do first before instruction is create self-signed sertificate: su - mkdir /opt/prytsepov cd /opt/prytsepov yum install mod_ssl openssl req -x509 -nodes -days 99999 -newkey rsa:2048 -keyout /opt/prytsepov/red5.key -out /opt/prytsepov/red5.crt Then I do by instruction: this step edit sa.crt to red5.crt or it gives errors. On this step password left empty: openssl pkcs12 -export -in red5.crt -inkey red5.key -out red5.p12 -name red5 -certfile red5.crt keytool -importkeystore -srcstorepass changeit -srckeystore red5.p12 -srcstoretype PKCS12 -deststorepass changeit -destkeystore /opt/red5401/conf/keystore.jks -alias red5 Here I see errors: keytool error:java.io.IOException:keystore password was incorrect ------------------- С уважением, Андрей Прицепов “Лаборатория Форт Крым” -- WBR Maxim aka solomax -- WBR Maxim aka solomax
