Google Git
Sign in
apache / openmeetings-site / 6bd13008b6e57840acbf974e9870e75d1ebe97a2 / . / RTMPSAndHTTPS.html
blob: 6a00e51a36c0a7856ee8272b263fd3dc2de40a25 [file] [log] [blame]
<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia Site Renderer 1.7.1 at 2016-09-23
| Rendered using Apache Maven Fluido Skin 1.5
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="author" content="Apache OpenMeetings Team" />
<meta name="Date-Revision-yyyymmdd" content="20160923" />
<meta http-equiv="Content-Language" content="en" />
<title>Apache OpenMeetings Project &#x2013; Using OpenMeetings with RTMPS and HTTPS</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.5.min.css" />
<link rel="stylesheet" href="./css/site.css" />
<link rel="stylesheet" href="./css/print.css" media="print" />
<script type="text/javascript" src="./js/apache-maven-fluido-1.5.min.js"></script>
<script type="text/javascript" src="http://openmeetings.apache.org/js/site.js"></script>
</head>
<body class="topBarDisabled">
<div class="container-fluid">
<div id="banner">
<div class="pull-left">
<a href="index.html" id="bannerLeft">
<img src="images/logo.png" alt="Apache OpenMeetings"/>
</a>
</div>
<div class="pull-right"> <a href="http://apache.org" id="bannerRight">
<img src="http://apache.org/img/asf_logo.png" alt="Apache"/>
</a>
</div>
<div class="clear"><hr/></div>
</div>
<div id="breadcrumbs">
<ul class="breadcrumb">
<li id="publishDate">Last Published: 2016-09-23
</li>
<li class="pull-right">
<span class="divider">|</span>
<a href="https://cwiki.apache.org/confluence/display/OPENMEETINGS" class="externalLink" title="Wiki">
Wiki</a>
</li>
<li class="pull-right">
<span class="divider">|</span>
<a href="installation.html" title="Installation">
Installation</a>
</li>
<li class="pull-right">
<span class="divider">|</span>
<a href="downloads.html" title="Download">
Download</a>
</li>
<li class="pull-right">
<a href="demo.html" title="Demo">
Demo</a>
</li>
</ul>
</div>
<div class="row-fluid">
<div id="leftColumn" class="span2">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li>
<a href="#general" title="General">
<span class="icon-chevron-down"></span>
General</a>
<ul class="nav nav-list">
<li>
<a href="index.html" title="Home">
<span class="none"></span>
Home</a>
</li>
<li>
<a href="demo.html" title="Demo">
<span class="none"></span>
Demo</a>
</li>
<li>
<a href="license.html" title="License">
<span class="none"></span>
License</a>
</li>
<li>
<a href="http://www.apache.org/" class="externalLink" title="ASF">
<span class="none"></span>
ASF</a>
</li>
<li>
<a href="downloads.html" title="Downloads">
<span class="none"></span>
Downloads</a>
</li>
<li>
<a href="CallForLogo.html" title="Call For Logo">
<span class="none"></span>
Call For Logo</a>
</li>
<li>
<a href="NewsArchive.html" title="News archive">
<span class="none"></span>
News archive</a>
</li>
<li>
<a href="security.html" title="Security">
<span class="none"></span>
Security</a>
</li>
<li>
<a href="commercial-support.html" title="Commercial Support">
<span class="none"></span>
Commercial Support</a>
</li>
</ul>
</li>
<li>
<a href="#installation" title="Installation and Upgrade">
<span class="icon-chevron-down"></span>
Installation and Upgrade</a>
<ul class="nav nav-list">
<li>
<a href="installation.html" title="Installation">
<span class="none"></span>
Installation</a>
</li>
<li>
<a href="Upgrade.html" title="Upgrade">
<span class="none"></span>
Upgrade</a>
</li>
<li>
<a href="https://cwiki.apache.org/confluence/display/OPENMEETINGS/Tutorials+for+installing+OpenMeetings+and+Tools" class="externalLink" title="Tutorials">
<span class="none"></span>
Tutorials</a>
</li>
<li>
<a href="CommandLineAdmin.html" title="Command Line Admin">
<span class="none"></span>
Command Line Admin</a>
</li>
</ul>
</li>
<li>
<a href="#community" title="Community">
<span class="icon-chevron-down"></span>
Community</a>
<ul class="nav nav-list">
<li>
<a href="get-involved.html" title="Get Involved">
<span class="none"></span>
Get Involved</a>
</li>
<li>
<a href="team-list.html" title="Committers">
<span class="none"></span>
Committers</a>
</li>
<li>
<a href="mail-lists.html" title="Mailing Lists">
<span class="none"></span>
Mailing Lists</a>
</li>
<li>
<a href="http://cwiki.apache.org/confluence/display/OPENMEETINGS/" class="externalLink" title="Wiki">
<span class="none"></span>
Wiki</a>
</li>
</ul>
</li>
<li>
<a href="#dev" title="Development">
<span class="icon-chevron-down"></span>
Development</a>
<ul class="nav nav-list">
<li>
<a href="source-repository.html" title="Source Code">
<span class="none"></span>
Source Code</a>
</li>
<li>
<a href="issue-tracking.html" title="Bugs / Issues">
<span class="none"></span>
Bugs / Issues</a>
</li>
<li>
<a href="dependencies.html" title="Dependencies">
<span class="none"></span>
Dependencies</a>
</li>
<li>
<a href="integration.html" title="Continuous Integration">
<span class="none"></span>
Continuous Integration</a>
</li>
<li>
<a href="BuildInstructions_3.0.x.html" title="Build Instructions 3.0.x">
<span class="none"></span>
Build Instructions 3.0.x</a>
</li>
<li>
<a href="BuildInstructions.html" title="Build Instructions">
<span class="none"></span>
Build Instructions</a>
</li>
<li>
<a href="JUnitTesting.html" title="JUnit Testing">
<span class="none"></span>
JUnit Testing</a>
</li>
<li>
<a href="ManualTesting.html" title="Manual Testing">
<span class="none"></span>
Manual Testing</a>
</li>
<li>
<a href="ReleaseGuide.html" title="Release Guide">
<span class="none"></span>
Release Guide</a>
</li>
<li>
<a href="WebsiteGuide.html" title="Website Guide">
<span class="none"></span>
Website Guide</a>
</li>
</ul>
</li>
<li>
<a href="#integration" title="Integration">
<span class="icon-chevron-down"></span>
Integration</a>
<ul class="nav nav-list">
<li>
<a href="openmeetings-webservice/apidocs/index.html" target="_blank" title="SOAP/REST API">
<span class="none"></span>
SOAP/REST API</a>
</li>
<li>
<a href="RestAPISample.html" title="REST API Sample">
<span class="none"></span>
REST API Sample</a>
</li>
<li>
<a href="LdapAndADS.html" title="Ldap and ADS">
<span class="none"></span>
Ldap and ADS</a>
</li>
<li>
<a href="oauth2.html" title="OAuth2">
<span class="none"></span>
OAuth2</a>
</li>
<li>
<a href="voip-sip-integration.html" title="VoIP and SIP">
<span class="none"></span>
VoIP and SIP</a>
</li>
<li>
<a href="errorvalues.html" title="Errors table">
<span class="none"></span>
Errors table</a>
</li>
</ul>
</li>
<li>
<a href="#plugins" title="Plugins">
<span class="icon-chevron-down"></span>
Plugins</a>
<ul class="nav nav-list">
<li>
<a href="MoodlePlugin.html" title="Moodle Plugin">
<span class="none"></span>
Moodle Plugin</a>
</li>
<li>
<a href="SakaiPlugin.html" title="Sakai Plugin">
<span class="none"></span>
Sakai Plugin</a>
</li>
<li>
<a href="JiraPlugin.html" title="Jira Plugin">
<span class="none"></span>
Jira Plugin</a>
</li>
<li>
<a href="JoomlaPlugin.html" title="Joomla Plugin">
<span class="none"></span>
Joomla Plugin</a>
</li>
<li>
<a href="DrupalPlugin.html" title="Drupal Plugin">
<span class="none"></span>
Drupal Plugin</a>
</li>
<li>
<a href="BitrixPlugin.html" title="Bitrix Plugin">
<span class="none"></span>
Bitrix Plugin</a>
</li>
<li>
<a href="ConfluencePlugin.html" title="Confluence Plugin">
<span class="none"></span>
Confluence Plugin</a>
</li>
<li>
<a href="SugarCRMPlugin.html" title="SugarCRM Plugin">
<span class="none"></span>
SugarCRM Plugin</a>
</li>
<li>
<a href="RedminePlugin.html" title="Redmine Plugin">
<span class="none"></span>
Redmine Plugin</a>
</li>
</ul>
</li>
<li>
<a href="#config" title="Configuration">
<span class="icon-chevron-down"></span>
Configuration</a>
<ul class="nav nav-list">
<li>
<a href="#db" title="DB Sample Configurations">
<span class="icon-chevron-down"></span>
DB Sample Configurations</a>
<ul class="nav nav-list">
<li>
<a href="ApacheDerbyConfig.html" title="Apache Derby">
<span class="none"></span>
Apache Derby</a>
</li>
<li>
<a href="IBMDB2Config.html" title="IBM DB2">
<span class="none"></span>
IBM DB2</a>
</li>
<li>
<a href="OracleConfig.html" title="Oracle">
<span class="none"></span>
Oracle</a>
</li>
<li>
<a href="MySQLConfig.html" title="MySQL">
<span class="none"></span>
MySQL</a>
</li>
<li>
<a href="PostgresConfig.html" title="Postgres">
<span class="none"></span>
Postgres</a>
</li>
<li>
<a href="MSSQLConfig.html" title="MSSQL">
<span class="none"></span>
MSSQL</a>
</li>
</ul>
</li>
<li>
<a href="#localization" title="Localization and languages">
<span class="icon-chevron-down"></span>
Localization and languages</a>
<ul class="nav nav-list">
<li>
<a href="Internationalisation.html" title="Internationalisation">
<span class="none"></span>
Internationalisation</a>
</li>
<li>
<a href="LanguageEditor.html" title="LanguageEditor">
<span class="none"></span>
LanguageEditor</a>
</li>
<li>
<a href="TimeZoneHandling.html" title="TimeZoneHandling">
<span class="none"></span>
TimeZoneHandling</a>
</li>
<li>
<a href="EditTemplates.html" title="EditTemplates">
<span class="none"></span>
EditTemplates</a>
</li>
</ul>
</li>
<li>
<a href="#port" title="NAT Port Settings">
<span class="icon-chevron-down"></span>
NAT Port Settings</a>
<ul class="nav nav-list">
<li>
<a href="PortSettings.html" title="Port settings">
<span class="none"></span>
Port settings</a>
</li>
</ul>
</li>
<li>
<a href="#performance" title="Performance">
<span class="icon-chevron-down"></span>
Performance</a>
<ul class="nav nav-list">
<li>
<a href="JVMPerformanceTuning.html" title="JVM performance tuning">
<span class="none"></span>
JVM performance tuning</a>
</li>
<li>
<a href="NetworkCalculator.html" title="Network bandwidth calculator">
<span class="none"></span>
Network bandwidth calculator</a>
</li>
</ul>
</li>
<li>
<a href="#interface" title="User Interface">
<span class="icon-chevron-down"></span>
User Interface</a>
<ul class="nav nav-list">
<li>
<a href="themes-and-branding.html" title="Themes">
<span class="none"></span>
Themes</a>
</li>
<li>
<a href="Dashboard.html" title="Dashboard">
<span class="none"></span>
Dashboard</a>
</li>
<li>
<a href="WebcamResolutions.html" title="Webcam resolutions">
<span class="none"></span>
Webcam resolutions</a>
</li>
<li>
<a href="ConferenceRoomLayoutOptions.html" title="Room layout options">
<span class="none"></span>
Room layout options</a>
</li>
<li>
<a href="HotKeys.html" title="Hot Keys">
<span class="none"></span>
Hot Keys</a>
</li>
</ul>
</li>
<li>
<a href="#customize" title="Customization">
<span class="icon-chevron-down"></span>
Customization</a>
<ul class="nav nav-list">
<li>
<a href="WebappNamePath.html" title="Webapp name/path">
<span class="none"></span>
Webapp name/path</a>
</li>
<li>
<a href="Navigation.html" title="Navigation">
<span class="none"></span>
Navigation</a>
</li>
<li>
<a href="CalendarAndTimezone.html" title="Calendar and timezone">
<span class="none"></span>
Calendar and timezone</a>
</li>
<li>
<a href="CustomRoomTypeHowTo.html" title="Custom room type">
<span class="none"></span>
Custom room type</a>
</li>
<li>
<a href="CustomCryptMechanism.html" title="Custom crypt mechanism">
<span class="none"></span>
Custom crypt mechanism</a>
</li>
<li>
<a href="GeneralConfiguration.html" title="General Configuration">
<span class="none"></span>
General Configuration</a>
</li>
</ul>
</li>
<li>
<a href="#security" title="Security">
<span class="icon-chevron-down"></span>
Security</a>
<ul class="nav nav-list">
<li>
<a href="RestrictedAccess.html" title="Restricted Access">
<span class="none"></span>
Restricted Access</a>
</li>
<li class="active">
<a href="#"><span class="none"></span>RTMPS and HTTPS</a>
</li>
</ul>
</li>
<li>
<a href="#convert" title="Converters">
<span class="icon-chevron-down"></span>
Converters</a>
<ul class="nav nav-list">
<li>
<a href="OpenOfficeConverter.html" title="OpenOffice Converter">
<span class="none"></span>
OpenOffice Converter</a>
</li>
<li>
<a href="FFMPEGVersionSwitch.html" title="FFMPEG Version Switch">
<span class="none"></span>
FFMPEG Version Switch</a>
</li>
</ul>
</li>
<li>
<a href="#cluster" title="Clustering">
<span class="icon-chevron-down"></span>
Clustering</a>
<ul class="nav nav-list">
<li>
<a href="Clustering.html" title="Clustering">
<span class="none"></span>
Clustering</a>
</li>
</ul>
</li>
<li>
<a href="#misc" title="Misc">
<span class="icon-chevron-down"></span>
Misc</a>
<ul class="nav nav-list">
<li>
<a href="GetVersionInfo.html" title="Get version info">
<span class="none"></span>
Get version info</a>
</li>
</ul>
</li>
</ul>
</li>
</ul>
<hr />
<div id="poweredBy">
<div class="clear"></div>
<div class="clear"></div>
<div class="clear"></div>
<div class="clear"></div>
<a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy">
<img class="builtBy" alt="Built by Maven" src="./images/logos/maven-feather.png" />
</a>
</div>
</div>
</div>
<div id="bodyColumn" class="span10" >
<div class="section">
<h2><a name="Using_OpenMeetings_with_RTMPS_and_HTTPS"></a>Using OpenMeetings with RTMPS and HTTPS</h2>
<p>There are 3 ways the client communicates with the server: </p>
<ul>
<li>The flash-client uses RTMP protocol to transfer Audio/Video and
to send and receive the user data (login et cetera) to the server
and back
</li>
<li>The browser uses HTTP protocol to load the SWF and to upload and
download the files (documents, pdfs, images) to the server and
back.
</li>
<li>The screensharing client uses RTMP protocol to transfer screen
data and remote control to the server and back
</li>
</ul>
</div>
<div class="section">
<h2><a name="Prerequisites"></a>Prerequisites</h2>
<ul>
<li>You need OpenMeetings 1.9.x or later for this, OpenMeetings 1.8.x does not have those options.</li>
<li>Install OpenMeetings according to the install instructions and check that it runs without problems</li>
<li>Rename the existing keystore file <tt>red5/conf/keystore.jmx</tt> to <tt>red5/conf/keystore.bak</tt></li>
<li>Rename the existing truststore file <tt>red5/conf/truststore.jmx</tt> to <tt>red5/conf/truststore.bak</tt></li>
</ul>
</div>
<div class="section">
<h2><a name="Configuring_RTMPS_for_the_Flash_Client"></a>Configuring RTMPS for the Flash Client</h2>
<ol style="list-style-type: decimal">
<li>
Create a new keystore and key, use the same password for both:<br />
<br />
<div class="source"><pre class="prettyprint">
keytool -keysize 2048 -genkey -alias red5 -keyalg RSA -keystore red5/conf/keystore
Enter keystore password:
Re-enter new password:
What is your first and last name?
[Unknown]: &lt;your hostname, e.g demo.openmeetings.de&gt;
What is the name of your organizational unit?
[Unknown]: Dev
What is the name of your organization?
[Unknown]: OpenMeetings
What is the name of your City or Locality?
[Unknown]: Henderson
What is the name of your State or Province?
[Unknown]: Nevada
What is the two-letter country code for this unit?
[Unknown]: US
Is CN=demo.openmeetings.de, OU=Dev, O=OpenMeetings, L=Henderson, ST=Nevada, C=US correct?
[no]: yes
Enter key password for &lt;red5&gt;
</pre></div>
</li>
<li>Generate a CSR:
<div class="source"><pre class="prettyprint">keytool -certreq -keyalg RSA -alias red5 -file red5.csr -keystore red5/conf/keystore</pre></div>
</li>
<li>Submit CSR to your CA of choice and receive a signed certificate
</li>
<li>Import your chosen CA's root certificate into the keystore (may
need to download it from their site - make sure to get the root CA and
not the intermediate one):
<div class="source"><pre class="prettyprint">keytool -import -alias root -keystore red5/conf/keystore -trustcacerts -file root.crt</pre></div>
(note: you may receive a warning that the certificate already exists in the system wide keystore - import
anyway)
</li>
<li>Import the intermediate certificate(s) you normally receive with
the certificate:
<div class="source"><pre class="prettyprint">keytool -import -alias intermed -keystore red5/conf/keystore -trustcacerts -file intermediate.crt</pre></div>
</li>
<li>Import the certificate you received:
<div class="source"><pre class="prettyprint">keytool -import -alias red5 -keystore red5/conf/keystore -trustcacerts -file demo.openmeetings.de.crt</pre></div>
</li>
<li>Please NOTE according to this <a class="externalLink" href="http://javarevisited.blogspot.com/2012/09/difference-between-truststore-vs-keyStore-Java-SSL.html">http://javarevisited.blogspot.com/2012/09/difference-between-truststore-vs-keyStore-Java-SSL.html</a>
guide you can split keystore and truststore (OPTIONAL you might just copy keystore to truststore)
</li>
<li>Create additional certificate as described above.
Add this certificate to the following keystores: <tt>red5/conf/keystore.screen</tt> and <tt>red5/conf/keystore</tt>. (This step is required to be able to use
screen-sharing web application, you can copy &quot;main&quot; keystore while testing)
</li>
</ol>
</div>
<div class="section">
<h2><a name="SSL_for_the_web_interface"></a>SSL for the web interface</h2>
<p>Please perform following steps if you want to use SSL for the web interface.
This is mainly to secure the server against MITM attacks, additionally some other features
like file uploads also use a plain HTTP connection if this is not
done. The following instructions assume that you have already set up
RTMPS successfully. </p>
<ol style="list-style-type: decimal">
<li>
Edit <tt>red5/conf/jee-container.xml</tt> file:<br />
Comment <tt>Tomcat without SSL enabled</tt> section<br />
UNComment <tt>Tomcat with SSL enabled</tt> section
</li>
<li>
Edit <tt>red5/webapps/openmeetings/public/config.xml</tt> and set
<br />
<div class="source"><pre class="prettyprint">
&lt;protocol&gt;https&lt;/protocol&gt;
&lt;red5httpport&gt;5443&lt;/red5httpport&gt;
</pre></div>
</li>
<li>
Restart red5 and try to connect to
<u>https://your.server:5443</u> - you should be redirected to the OpenMeetings
app and all access should be via HTTPS and/or RTMPS (close port 5080 to be sure).
</li>
</ol>
</div>
<div class="section">
<h2><a name="Set_up_RTMPS"></a>Set up RTMPS</h2>
<div class="section">
<h3><a name="Tunneling_RTMPS"></a>Tunneling RTMPS</h3>
<ol style="list-style-type: decimal">
<li>HTTPS need to be enabled otherwise tunneling will not work (it can be set up using frontend nginx/apache as well)</li>
<li>
Edit <tt>red5/webapps/openmeetings/public/config.xml</tt> and set<br />
<br />
<div class="source"><pre class="prettyprint">
&lt;rtmpsslport&gt;5443&lt;/rtmpsslport&gt;
&lt;useSSL&gt;yes&lt;/useSSL&gt;
&lt;proxyType&gt;none&lt;/proxyType&gt;
</pre></div>
</li>
<li>Please NOTE <tt>rtmpsslport</tt> port set in <tt>red5/webapps/openmeetings/public/config.xml</tt> should match
<tt>https</tt> port set in <tt>red5/conf/red5.properties</tt>
</li>
<li>Restart red5 and try to connect - your connection should now be made via RTMPS (close port 1935 to be sure)
</li>
</ol>
</div>
<div class="section">
<h3><a name="Native_RTMPS"></a>Native RTMPS</h3>
<ol style="list-style-type: decimal">
<li> Default RTMPS port is 8443, you can change it by editing <tt>red5/conf/red5.properties</tt> and change the port here: <tt>rtmps.port=8443</tt><br />
Please set <tt>rtmps.keystorepass=password</tt> and <tt>rtmps.truststorepass=password</tt>
(password = password you set on your new keystore(s))<br />
Additionally you need to set <tt>rtmps.screen.keystorepass=screenpassword</tt> (screenpassword = password you set on your keystore for screen-sharing application)
</li>
<li>
Edit <tt>red5/conf/red5-core.xml</tt> file:<br />
UNComment <tt>RTMPS</tt> section
</li>
<li>
Edit <tt>red5/webapps/openmeetings/public/config.xml</tt> and set<br />
<br />
<div class="source"><pre class="prettyprint">
&lt;rtmpsslport&gt;8443&lt;/rtmpsslport&gt;
&lt;useSSL&gt;yes&lt;/useSSL&gt;
&lt;proxyType&gt;best&lt;/proxyType&gt;
</pre></div>
</li>
<li>Please NOTE <tt>rtmps</tt> port set in <tt>red5/conf/red5.properties</tt> should be in sync with the <tt>rtmpsslport</tt> set in
<tt>red5/webapps/openmeetings/public/config.xml</tt>
</li>
<li>Restart red5 and try to connect - your connection should now be made via RTMPS (close port 1935 to be sure)
</li>
</ol>
</div></div>
<div class="section">
<h2><a name="Credits"></a>Credits</h2>
<p>Credits goto: Nexus and Holger Rabbach for their help and
contribution and configuration documention! </p>
</div>
</div>
</div>
</div>
<hr/>
<footer>
<div class="container-fluid">
<div class="row-fluid">
<p >Copyright &copy; 2012&#x2013;2016
<a href="http://apache.org">Apache Software Foundation</a>.
All rights reserved.
</p>
</div>
</div>
</footer>
</body>
</html>