It was the red5.properties that was causing the issue. I never scrolled
down far enough to see the section and since I used a "real" password it
was not authenticating the the stores(s). Once everything was changed
it worked as expected.
Thank you for your assistance.
On 3/18/2018 9:21 AM, Maxim Solodovnik wrote:
I'm usually using `netstat -an|grep 5443` (never used nmap)
According to your configs
jee-container.xml looks good
keystore/trustsrore file/pass need to be set in red5.properties
It should match your actual keystore
I wouls run red5.sh from console and check what is being printed
On Sun, Mar 18, 2018 at 1:52 AM, Aaron Hepp <aaron.h...@gmail.com> wrote:
I have followed a few different guides on importing a cert into a Tomcat
installation from my cert provider as well from the OM site:
https://openmeetings.apache.org/RTMPSAndHTTPS.html
https://helpdesk.ssls.com/hc/en-us/articles/203505171-How-to-install-a-SSL-certificate-on-a-Tomcat-server
last portion you need to changed the XML file. For OM installation you need
to comment out the "Tomcat without SSL enabled" via <!-- --> and remove
them from "Tomcat with SSL enable" in /opt/om/conf/ jee-container.xml
Saved all files and shutdown and restarted the red5 service. Do a NMAP and
still shows OM listening on 5080 and 1935. I have gone into the OM
installation and changed flash.secure = true and restarted from there and
still showing the listening on those ports.
server:~# nmap localhost
Starting Nmap 7.01 ( https://nmap.org ) at 2018-03-17 18:36 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000027s latency).
rDNS record for 127.0.0.1: localhost.localdomain
Not shown: 995 closed ports
PORT STATE SERVICE
22/tcp open ssh
1935/tcp open rtmp****
3306/tcp open mysql
5080/tcp open onscreen****
9999/tcp open abyss
Nmap done: 1 IP address (1 host up) scanned in 0.13 seconds
Is there other steps that need to be taken to get it to start listening on
5443? I did notice the four entries below. Do I need to edit them with my
jks file locations and the password used to create or since client auth is
disabled that they are not needed?
<entry
key="keystoreFile" value="${rtmps.keystorefile}" />
<entry
key="keystorePass" value="${rtmps.keystorepass}" />
<entry
key="truststoreFile" value="${rtmps.truststorefile}" />
<entry
key="truststorePass" value="${rtmps.truststorepass}" />
I have attached the xml file to make sure that is correct. Need to get this
moved over to SSL as the last browser to still support unsecured flash is
Firefox, and from what I understand that will be removed in the next
revision.
