According to your log: XmlBeanDefinitionStoreException: *Line 250 in XML document* from class path resource *[red5-core.xml]* *is invalid*
The only files you need to change are: 1) jee-container.xml (required) 2) keystore/trustore (required) 3) red5.propertes (optional) Modify this https://github.com/apache/openmeetings/blob/4.0.x/openmeetings-server/src/main/assembly/conf/jee-container.xml#L32 line to be <!-- Tomcat without SSL enabled Modify this https://github.com/apache/openmeetings/blob/4.0.x/openmeetings-server/src/main/assembly/conf/jee-container.xml#L70 line to be </bean> --> Delete this line https://github.com/apache/openmeetings/blob/4.0.x/openmeetings-server/src/main/assembly/conf/jee-container.xml#L73 line to be Delete this line https://github.com/apache/openmeetings/blob/4.0.x/openmeetings-server/src/main/assembly/conf/jee-container.xml#L132 Some reading about XML commenting: https://stackoverflow.com/questions/2757396/how-do-i-comment-out-a-block-of-tags-in-xml On Mon, Apr 2, 2018 at 11:00 AM, Alan Johnson <merch...@argentwolf.org> wrote: > Aaron, > > Thanks for the file. It did not seem to fix the issue, it still started > but it did populate the log file with a bunch of stuff: > > > root@freki:/opt/red5402/conf# cat /opt/red5402/log/red5.log > 2018-04-02 03:52:04,799 [main] INFO org.red5.server.Launcher - Red5 > Server 1.0.10 (https://github.com/Red5) > 2018-04-02 03:52:04,873 [main] INFO o.s.c.s. > FileSystemXmlApplicationContext - Refreshing org.springframework.context. > support.FileSystemXmlApplicationContext@548b7f67: startup date [Mon Apr > 02 03:52:04 UTC 2018]; root of context hierarchy > 2018-04-02 03:52:04,938 [main] INFO o.s.b.f.xml.XmlBeanDefinitionReader > - Loading XML bean definitions from class path resource [red5.xml] > 2018-04-02 03:52:05,191 [main] INFO o.s.b.f.xml.XmlBeanDefinitionReader > - Loading XML bean definitions from class path resource [jee-container.xml] > 2018-04-02 03:52:05,539 [main] INFO o.r.spring.Red5ApplicationContext - > setApplicationContext: org.springframework.context.support. > FileSystemXmlApplicationContext@548b7f67: startup date [Mon Apr 02 > 03:52:04 UTC 2018]; root of context hierarchy > 2018-04-02 03:52:05,539 [main] INFO o.r.spring.Red5ApplicationContext - > Red5ApplicationContext init > 2018-04-02 03:52:05,544 [main] INFO o.r.spring.Red5ApplicationContext - > Refreshing ApplicationContext 'red5.common': startup date [Mon Apr 02 > 03:52:05 UTC 2018]; parent: org.springframework.context.support. > FileSystemXmlApplicationContext@548b7f67 > 2018-04-02 03:52:05,545 [main] INFO o.s.b.f.xml.XmlBeanDefinitionReader > - Loading XML bean definitions from class path resource [red5-common.xml] > 2018-04-02 03:52:05,815 [main] INFO org.quartz.impl.StdSchedulerFactory > - Using default implementation for ThreadExecutor > 2018-04-02 03:52:05,839 [main] INFO o.quartz.core.SchedulerSignalerImpl > - Initialized Scheduler Signaller of type: class org.quartz.core. > SchedulerSignalerImpl > 2018-04-02 03:52:05,839 [main] INFO org.quartz.core.QuartzScheduler - > Quartz Scheduler v.2.3.0 created. > 2018-04-02 03:52:05,840 [main] INFO org.quartz.simpl.RAMJobStore - > RAMJobStore initialized. > 2018-04-02 03:52:05,841 [main] INFO org.quartz.core.QuartzScheduler - > Scheduler meta-data: Quartz Scheduler (v2.3.0) 'Red5_Scheduler' with > instanceId 'NON_CLUSTERED' > Scheduler class: 'org.quartz.core.QuartzScheduler' - running locally. > NOT STARTED. > Currently in standby mode. > Number of jobs executed: 0 > Using thread pool 'org.quartz.simpl.SimpleThreadPool' - with 32 threads. > Using job-store 'org.quartz.simpl.RAMJobStore' - which does not support > persistence. and is not clustered. > > 2018-04-02 03:52:05,841 [main] INFO org.quartz.impl.StdSchedulerFactory > - Quartz scheduler 'Red5_Scheduler' initialized from the specified file : > '/opt/red5402/conf/quartz.properties' > 2018-04-02 03:52:05,841 [main] INFO org.quartz.impl.StdSchedulerFactory > - Quartz scheduler version: 2.3.0 > 2018-04-02 03:52:05,841 [main] INFO org.quartz.core.QuartzScheduler - > Scheduler Red5_Scheduler_$_NON_CLUSTERED started. > 2018-04-02 03:52:06,528 [main] INFO o.s.j.e.a.AnnotationMBeanExporter - > Registering beans for JMX exposure on startup > 2018-04-02 03:52:06,534 [main] INFO o.s.j.e.a.AnnotationMBeanExporter - > Bean with name 'schedulingService' has been autodetected for JMX exposure > 2018-04-02 03:52:06,539 [main] INFO o.s.j.e.a.AnnotationMBeanExporter - > Bean with name 'clientBroadcastStream' has been autodetected for JMX > exposure > 2018-04-02 03:52:06,928 [main] INFO o.s.j.e.a.AnnotationMBeanExporter - > Located MBean 'schedulingService': registering with JMX server as MBean > [org.red5.server:name=schedulingService,type=QuartzSchedulingService] > 2018-04-02 03:52:06,960 [main] INFO o.r.spring.Red5ApplicationContext - > setApplicationContext: org.springframework.context.support. > FileSystemXmlApplicationContext@548b7f67: startup date [Mon Apr 02 > 03:52:04 UTC 2018]; root of context hierarchy > 2018-04-02 03:52:06,960 [main] INFO o.r.spring.Red5ApplicationContext - > Red5ApplicationContext init > 2018-04-02 03:52:06,960 [main] INFO o.r.spring.Red5ApplicationContext - > Refreshing ApplicationContext 'red5.core': startup date [Mon Apr 02 > 03:52:06 UTC 2018]; parent: ApplicationContext 'red5.common' > 2018-04-02 03:52:06,961 [main] INFO o.s.b.f.xml.XmlBeanDefinitionReader > - Loading XML bean definitions from class path resource [red5-core.xml] > 2018-04-02 03:52:07,081 [main] WARN o.s.c.s. > FileSystemXmlApplicationContext - Exception encountered during context > initialization - cancelling refresh attempt: > org.springframework.beans.factory.BeanCreationException: > Error creating bean with name 'red5.core' defined in class path resource > [red5.xml]: Invocation of init method failed; nested exception is > org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: > Line 250 in XML document from class path resource [red5-core.xml] is > invalid; nested exception is org.xml.sax.SAXParseException; lineNumber: > 250; columnNumber: 9; cvc-complex-type.2.3: Element 'beans' cannot have > character [children], because the type's content type is element-only. > 2018-04-02 03:52:07,082 [main] INFO o.r.spring.Red5ApplicationContext - > Closing ApplicationContext 'red5.common': startup date [Mon Apr 02 03:52:05 > UTC 2018]; parent: org.springframework.context.support. > FileSystemXmlApplicationContext@548b7f67 > 2018-04-02 03:52:07,085 [main] INFO o.s.j.e.a.AnnotationMBeanExporter - > Unregistering JMX-exposed beans on shutdown > 2018-04-02 03:52:07,085 [main] INFO o.s.j.e.a.AnnotationMBeanExporter - > Unregistering JMX-exposed beans > 2018-04-02 03:52:07,088 [main] INFO org.quartz.core.QuartzScheduler - > Scheduler Red5_Scheduler_$_NON_CLUSTERED shutting down. > 2018-04-02 03:52:07,088 [main] INFO org.quartz.core.QuartzScheduler - > Scheduler Red5_Scheduler_$_NON_CLUSTERED paused. > 2018-04-02 03:52:07,091 [main] INFO org.quartz.core.QuartzScheduler - > Scheduler Red5_Scheduler_$_NON_CLUSTERED shutdown complete. > > > On 3/30/2018 12:30 PM, Aaron Hepp wrote: > > attached is my working XML file. I would suggest once you get the all the > files configured and working: > red5-core.xml > red5.properties > jee-container.xml > > That you copy them into a new folder inside /opt (mine is /opt/files) as > this will save you from having to redo all the changes each time you > implement a new build. > > On 3/30/2018 12:16 PM, merch...@argentwolf.org wrote: > > I had added a space and it turned it all yellow in bash. > > Sent from my android device. > > -----Original Message----- > From: Aaron Hepp <aaron.h...@gmail.com> <aaron.h...@gmail.com> > To: user@openmeetings.apache.org, Alan Johnson <merch...@argentwolf.org> > <merch...@argentwolf.org>, Maxim Solodovnik <solomax...@gmail.com> > <solomax...@gmail.com> > Sent: Fri, 30 Mar 2018 12:12 > Subject: Re: Let's Encrypt and OM and Ubuntu > > Looks like you did not comment out the <!-- Tomcat without SSL enabled > -- > section. > > That has to be commented out to force SSL. > > remove the --> from that line and add it right above this line > > <!-- Tomcat with SSL enabled --> > > That will comment out the entire "non-SSL" portion. > > > On 3/30/2018 12:02 PM, Alan Johnson wrote: > > I have done both of those steps. > > > > I created the keystore via the email chain you sent the link to. That > > seemed to work with no errors. > > > > I had previously enabled/disabled tomcat. > > > > I tried an experiment and changed the comment on the file and it > > seemed to like it better (included below) and seems to have fixed the > > errors in the log file, but it isn't answering on any of the expected > > ports (5443/8443/443 <8443443>). > > > > > > From red5.properties: > > > > # Socket policy > > policy.host=0.0.0.0 > > policy.port=843 > > > > # HTTP > > http.host=0.0.0.0 > > http.port=5080 > > https.port=443 > > http.URIEncoding=UTF-8 > > http.max_headers_size=8192 > > http.max_keep_alive_requests=-1 > > http.max_threads=20 > > http.acceptor_thread_count=10 > > http.processor_cache=20 > > > > # RTMPS > > rtmps.host=0.0.0.0 > > rtmps.port=8443 > > > > > > root@freki:/opt/red5402/log# ufw status > > Status: active > > > > To Action From > > -- ------ ---- > > OpenSSH ALLOW Anywhere > > 5080 ALLOW Anywhere > > 1935 ALLOW Anywhere > > 80 ALLOW Anywhere > > 5443 ALLOW Anywhere > > 8443 ALLOW Anywhere > > 443 ALLOW Anywhere > > OpenSSH (v6) ALLOW Anywhere (v6) > > 5080 (v6) ALLOW Anywhere (v6) > > 1935 (v6) ALLOW Anywhere (v6) > > 80 (v6) ALLOW Anywhere (v6) > > 5443 (v6) ALLOW Anywhere (v6) > > 8443 (v6) ALLOW Anywhere (v6) > > 443 (v6) ALLOW Anywhere (v6) > > > > This is what is in the red5.log file, if it helps: > > > > root@freki:/opt/red5402/log# cat red5.log > > 2018-03-30 01:20:35,450 [main] INFO org.red5.server.Launcher - Red5 > > Server 1.0.10 (https://github.com/Red5) > > 2018-03-30 01:20:35,570 [main] INFO > > o.s.c.s.FileSystemXmlApplicationContext - Refreshing > > org.springframework.context.support.FileSystemXmlApplicationContex > t@548b7f67: > > startup date [Fri Mar 30 01:20:35 UTC 2018]; root of context hierarchy > > 2018-03-30 01:20:35,687 [main] INFO > > o.s.b.f.xml.XmlBeanDefinitionReader - Loading XML bean definitions > > from class path resource [red5.xml] > > 2018-03-30 01:20:36,074 [main] INFO > > o.s.b.f.xml.XmlBeanDefinitionReader - Loading XML bean definitions > > from class path resource [jee-container.xml] > > 2018-03-30 01:21:36,609 [http-nio-0.0.0.0-5080-exec-4] INFO > > o.a.coyote.http11.Http11Processor - Error parsing HTTP request header > > Note: further occurrences of HTTP request parsing errors will be > > logged at DEBUG level. > > java.lang.IllegalArgumentException: Invalid character found in method > > name. HTTP method names must be tokens > > at > > org.apache.coyote.http11.Http11InputBuffer.parseRequestLine( > Http11InputBuffer.java:410) > > at > > org.apache.coyote.http11.Http11Processor.service(Http11 > Processor.java:291) > > at > > org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight > .java:66) > > at > > org.apache.coyote.AbstractProtocol$ConnectionHandler.process(Abst > ractProtocol.java:754) > > at > > org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun( > NioEndpoint.java:1376) > > at > > org.apache.tomcat.util.net.SocketProcessorBase.run(Socket > ProcessorBase.java:49) > > at > > java.util.concurrent.ThreadPoolExecutor.runWorker(T > hreadPoolExecutor.java:1149) > > at > > java.util.concurrent.ThreadPoolExecutor$Worker.run( > ThreadPoolExecutor.java:624) > > at > > org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run( > TaskThread.java:61) > > at java.lang.Thread.run(Thread.java:748) > > > > Full Jee-container.xml if it helps: > > > > <?xml version="1.0" encoding="UTF-8"?> > > <!-- > > Licensed to the Apache Software Foundation (ASF) under one or more > > contributor license agreements. See the NOTICE file distributed with > > this work for additional information regarding copyright ownership. > > The ASF licenses this file to You under the Apache License, Version > > 2.0 > > (the "License"); you may not use this file except in compliance with > > the License. You may obtain a copy of the License at > > > > http://www.apache.org/licenses/LICENSE-2.0 > > > > Unless required by applicable law or agreed to in writing, software > > distributed under the License is distributed on an "AS IS" BASIS, > > WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or > > implied. > > See the License for the specific language governing permissions and > > limitations under the License. > > --> > > <beans xmlns="http://www.springframework.org/schema/beans"; > > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > > xmlns:lang="http://www.springframework.org/schema/lang"; > > xsi:schemaLocation=" > > http://www.springframework.org/schema/beans > > http://www.springframework.org/schema/beans/spring-beans.xsd > > http://www.springframework.org/schema/lang > > http://www.springframework.org/schema/lang/spring-lang.xsd > > "> > > <!-- > > The tomcat connectors may be blocking or non-blocking. Select > > between either option via the protocol property. > > Blocking I/O: > > <property name="protocol" > > value="org.apache.coyote.http11.Http11Protocol" /> > > Non-blocking I/O: > > <property name="protocol" > > value="org.apache.coyote.http11.Http11NioProtocol" /> > > --> > > <!-- Tomcat without SSL enabled -- > > > <bean id="tomcat.server" > > class="org.red5.server.tomcat.TomcatLoader" > > depends-on="context.loader" lazy-init="true"> > > <property name="webappFolder" > > value="${red5.root}/webapps" /> > > <property name="connectors"> > > <list> > > <bean name="httpConnector" > > class="org.red5.server.tomcat.TomcatConnector"> > > <property name="protocol" > > value="org.apache.coyote.http11.Http11NioProtocol" /> > > <property name="address" > > value="${http.host}:${http.port}" /> > > <property name="redirectPort" > > value="${https.port}" /> > > <property > > name="connectionProperties"> > > <map> > > <entry > > key="maxKeepAliveRequests" value="${http.max_keep_alive_requests}"/> > > <entry > > key="keepAliveTimout" value="-1"/> > > </map> > > </property> > > </bean> > > </list> > > </property> > > <property name="baseHost"> > > <bean > > class="org.apache.catalina.core.StandardHost"> > > <property name="name" > > value="${http.host}" /> > > </bean> > > </property> > > <property name="valves"> > > <list> > > <bean id="valve.access" > > class="org.apache.catalina.valves.AccessLogValve"> > > <property name="directory" > > value="log" /> > > <property name="prefix" > > value="${http.host}_access." /> > > <property name="suffix" > > value=".log" /> > > <property name="pattern" > > value="common" /> > > <property name="rotatable" > > value="true" /> > > </bean> > > <bean id="valve.error" > > class="org.apache.catalina.valves.ErrorReportValve"> > > <property name="showReport" > > value="false" /> > > <property > > name="showServerInfo" value="false" /> > > </bean> > > </list> > > </property> > > </bean> > > > > <!-- Tomcat with SSL enabled --> > > > > <bean id="tomcat.server" > > class="org.red5.server.tomcat.TomcatLoader" > > depends-on="context.loader" lazy-init="true"> > > <property name="webappFolder" > > value="${red5.root}/webapps" /> > > <property name="connectors"> > > <list> > > <bean name="httpConnector" > > class="org.red5.server.tomcat.TomcatConnector"> > > <property name="protocol" > > value="org.apache.coyote.http11.Http11NioProtocol" /> > > <property name="address" > > value="${http.host}:${http.port}" /> > > <property name="redirectPort" > > value="${https.port}" /> > > </bean> > > <bean name="httpsConnector" > > class="org.red5.server.tomcat.TomcatConnector"> > > <property name="secure" > > value="true" /> > > <property name="protocol" > > value="org.apache.coyote.http11.Http11NioProtocol" /> > > <property name="address" > > value="${http.host}:${https.port}" /> > > <property name="redirectPort" > > value="${http.port}" /> > > <property > > name="connectionProperties"> > > <map> > > <entry > > key="port" value="${https.port}" /> > > <entry > > key="redirectPort" value="${http.port}" /> > > <entry > > key="SSLEnabled" value="true" /> > > <entry > > key="sslProtocol" value="TLS" /> > > <entry > > key="keystoreFile" value="${rtmps.keystorefile}" /> > > <entry > > key="keystorePass" value="${rtmps.keystorepass}" /> > > <entry > > key="truststoreFile" value="${rtmps.truststorefile}" /> > > <entry > > key="truststorePass" value="${rtmps.truststorepass}" /> > > <entry > > key="clientAuth" value="false" /> > > <entry > > key="allowUnsafeLegacyRenegotiation" value="true" /> > > <entry > > key="maxKeepAliveRequests" value="${http.max_keep_alive_requests}"/> > > <entry > > key="keepAliveTimout" value="-1"/> > > <entry > > key="useExecutor" value="true"/> > > <entry > > key="maxThreads" value="${http.max_threads}"/> > > <entry > > key="acceptorThreadCount" value="${http.acceptor_thread_count}"/> > > <entry > > key="processorCache" value="${http.processor_cache}"/> > > </map> > > </property> > > </bean> > > </list> > > </property> > > <property name="baseHost"> > > <bean > > class="org.apache.catalina.core.StandardHost"> > > <property name="name" > > value="${http.host}" /> > > </bean> > > </property> > > <property name="valves"> > > <list> > > <bean id="valve.access" > > class="org.apache.catalina.valves.AccessLogValve"> > > <property name="directory" > > value="log" /> > > <property name="prefix" > > value="${http.host}_access." /> > > <property name="suffix" > > value=".log" /> > > <property name="pattern" > > value="common" /> > > <property name="rotatable" > > value="true" /> > > </bean> > > <bean id="valve.error" > > class="org.apache.catalina.valves.ErrorReportValve"> > > <property name="showReport" > > value="false" /> > > <property > > name="showServerInfo" value="false" /> > > </bean> > > </list> > > </property> > > </bean> > > --> > > </beans> > > > > > > On 3/30/2018 2:37 AM, Maxim Solodovnik wrote: > >> Hello Alan, > >> > >> To eneble HTTPS for OM you need to do 2 things: > >> > >> 1) create valid keystore/truststore (ensure filename/path is correctly > >> defined in red5.properties) > >> 2) Edit red5/conf/jee-container.xml file: > >> Comment Tomcat without SSL enabled section > >> UNComment Tomcat with SSL enabled section > >> > >> On Fri, Mar 30, 2018 at 5:30 AM, Alan Johnson > >> <merch...@argentwolf.org> wrote: > >>> So I tried using the steps in the email, and they successfully > >>> created the > >>> keystore. > >>> > >>> However the steps to enable HTTPS web interface appear to be > >>> incorrect/have > >>> changed. > >>> > >>> Edit red5/webapps/openmeetings/public/config.xml and set > >>> <protocol>https</protocol> > >>> Edit red5/webapps/openmeetings/public/config.xml and set > >>> red5httpport to > >>> https port > >>> > >>> These files (Config.xml) are missing from the directory. > >>> > >>> root@freki:/opt/red5402/webapps/openmeetings/public# ls -al > >>> total 968 > >>> drwxr-xr-x 3 nobody root 4096 Mar 29 22:29 . > >>> drwxr-xr-x 15 nobody root 4096 Mar 28 21:08 .. > >>> -rw-rw-r-- 1 nobody root 4597 Feb 1 23:17 chat_message.mp3 > >>> drwxrwxr-x 2 nobody root 4096 Feb 24 23:00 cliparts > >>> -rw-rw-r-- 1 nobody root 11294 Feb 1 23:17 favicon.ico > >>> -rw-rw-r-- 1 nobody root 572587 Feb 24 23:00 main.swf > >>> -rw-rw-r-- 1 nobody root 384036 Feb 24 23:01 networktest.swf > >>> > >>> Please advise. > >>> > >>> > >>> > >>> On 3/29/2018 2:52 AM, Maxim Solodovnik wrote: > >>> > >>> What preventing you from using this script? > >>> > >>> On Thu, Mar 29, 2018 at 1:41 PM, Anis Aliev <aliev.a...@gmail.com> > >>> wrote: > >>> > >>> Guys from bigbluebutton aleady developed a script for installing > >>> with lE > >>> > >>> чт, 29 марта 2018 г., 9:32 Maxim Solodovnik <solomax...@gmail.com>: > >>> > >>> great :) > >>> > >>> ps please CC user@ list :) > >>> > >>> > >>> On Thu, Mar 29, 2018 at 11:18 AM, Alan Johnson > >>> <merch...@argentwolf.org> > >>> wrote: > >>> > >>> Thank you for pointing it out. I will try the steps listed in the 18 > >>> Oct > >>> 2017 email tomorrow. > >>> > >>> I might suggest that given the number of other emails asking about > >>> it to > >>> update the guide and / or build in certbot functionality to simplify > >>> the > >>> configuration. If I had my preference, the installer would offer LE > >>> https as > >>> a default option for installation. > >>> > >>> > >>> On 3/29/2018 12:13 AM, Maxim Solodovnik wrote: > >>> > >>> This topic was discussed many times: > >>> > >>> > >>> https://openmeetings.markmail.org/search/?q=letsencrypt# > query:letsencrypt+page:1+mid:ik4qdhdychl364bp+state:results > >>> > >>> > >>> What steps are not work for you? > >>> > >>> On Thu, Mar 29, 2018 at 10:14 AM, Anis Aliev <aliev.a...@gmail.com> > >>> wrote: > >>> > >>> This is why I am asking community to arrange tutorial for SSL based on > >>> LE. > >>> > >>> FYI > >>> > >>> 2018-03-29 7:22 GMT+05:00 Alan Johnson <merch...@argentwolf.org>: > >>> > >>> I saw a recent thread regarding windows 10 and Let's Encrypt. Has > >>> anyone > >>> had any success with Ubuntu and LE? > >>> > >>> I was using this guide > >>> > >>> > >>> (https://openmeetings.apache.org/RTMPSAndHTTPS.html#SSL_ > for_the_web_interface) > >>> > >>> after getting OM up and running, but I had no luck figuring out how > >>> to > >>> convert the LE certs to appropriate formats for OM? > >>> > >>> Thanks, > >>> > >>> Alan > >>> > >>> > >>> -- > >>> > >>> IT Manager,e-learning specialist > >>> Skype:aliev_anis > >>> www.facebook.com/anis.aliev > >>> Тел:989010012 > >>> > >>> > >>> > >>> > >>> -- > >>> WBR > >>> Maxim aka solomax > >>> > >>> > >>> > >> > >> > > > > > -- WBR Maxim aka solomax
