SSL broke bbb !!
409 views
Skip to first unread message
Eric Le Foll
Jan 26, 2017, 8:31:44 AM1/26/17
to BigBlueButton-Setup
Hello !
thx for bbb! impressive job !
I have follow this tuto
without any error
my bbb is running to bbb.cdg44.fr
I can access it from outside my network and from inside
it's work like a charm...
exept Audi WEBrtc vous didn'i work..
I read that:
Also, as of Chrome 47, Chrome users will be unable to share their microphone via WebRTC unless BigBlueButton is loaded via HTTPS.
So I follow instruction for use SSL (I have an official wildcard certificate for my domain name)
no error..
I can access to https://bbb.cdg44.fr
but !!!
if I join a demon session
I have this message:
An Error has occured:
| Status Code | 500 |
| Exception Type | null |
| Message | null |
| Exception | java.lang.NullPointerException at org.apache.jsp.demo1_jsp.getJoinURL(demo1_jsp.java:222) at org.apache.jsp.demo1_jsp._jspService(demo1_jsp.java:1278) at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70) at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:432) at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:395) at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:339) at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1041) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:607) at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:313) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:745) |
| Root Cause |
administrateur@bbb:~$ sudo bbb-conf --check
BigBlueButton Server 1.0.0 (1062)
Kernel version: 4.4.0-59-generic
Distribution: Ubuntu 14.04.5 LTS (64-bit)
Memory: 16047 MB
/var/www/bigbluebutton/client/conf/config.xml (bbb-client)
Port test (tunnel): bbb.cdg44.fr
Red5: bbb.cdg44.fr
useWebrtcIfAvailable: true
/opt/freeswitch/conf/sip_profiles/external.xml (FreeSWITCH)
websocket port: 5066
WebRTC enabled: true
/etc/nginx/sites-available/bigbluebutton (nginx)
server name: bbb.cdg44.fr
port: 80
port: 443 ssl
bbb-client dir: /var/www/bigbluebutton
/var/lib/tomcat7/webapps/bigbluebutton/WEB-INF/classes/bigbluebutton.properties (bbb-web)
bbb-web host: bbb.cdg44.fr
/var/lib/tomcat7/webapps/demo/bbb_api_conf.jsp (API demos)
url: bbb.cdg44.fr
/var/www/bigbluebutton/check/conf/config.xml (client check)
client check: bbb.cdg44.fr
/usr/share/red5/webapps/bigbluebutton/WEB-INF/red5-web.xml (red5)
voice conference: FreeSWITCH
capture video: true
capture desktop: true
/usr/local/bigbluebutton/core/scripts/bigbluebutton.yml (record and playback)
playback host: bbb.cdg44.fr
** Potential problems described below **
# Warning: API URL IPs do not match host:
#
# IP from ifconfig: 192.168.14.17
# /var/lib/tomcat7/webapps/demo/bbb_api_conf.jsp: bbb.cdg44.fr
# Warning: The API demos are installed and accessible from:
#
#
# These API demos allow anyone to access your server without authentication
# to create/manage meetings and recordings. They are for testing purposes only.
# If you are running a production system, remove them by running:
#
# sudo apt-get purge bbb-demo
# Warning: The client self check is installed and accessible from:
#
#
# Error: Unable to reach default URL for presentation:
#
#
# Check value for beans.presentationService.defaultUploadedPresentation in
# /var/lib/tomcat7/webapps/bigbluebutton/WEB-INF/classes/bigbluebutton.properties
administrateur@bbb:~$
who can help me ?
thx a lot !
Regards,
Eric
Fred Dixon
Jan 26, 2017, 8:57:44 AM1/26/17
to bigbluebu...@googlegroups.com
Hi Eric,
> thx for bbb! impressive job !
Thanks. We did quick check and we can access
which is good. Can you try the command on the server (via SSH)
and see if you can access the same file locally. If you get an certificate error, your BigBlueButton server isn't able to verify the certificate. This would also cause the 500 error in the API examples.
You can compare the output with the command
Regards,.. Fred
--
You received this message because you are subscribed to the Google Groups "BigBlueButton-Setup" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bigbluebutton-setup+unsubscribe...@googlegroups.com.
To post to this group, send email to bigbluebutton-setup@googlegroups.com.
Visit this group at https://groups.google.com/group/bigbluebutton-setup.
For more options, visit https://groups.google.com/d/optout.
BigBlueButton Developer
@bigbluebutton
Eric Le Foll
Jan 26, 2017, 11:17:00 AM1/26/17
to BigBlueButton-Setup
thx !
I can DL the file only with --no-check-certificate
so you think that I have made a mistake with my cert file ?
I will search in this direction !
thx again !
administrateur@bbb:~$ wget https://bbb.cdg44.fr/default.pdf
--2017-01-26 17:12:46-- https://bbb.cdg44.fr/default.pdf
Resolving bbb.cdg44.fr (bbb.cdg44.fr)... 192.168.14.17
Connecting to bbb.cdg44.fr (bbb.cdg44.fr)|192.168.14.17|:443... connected.
ERROR: cannot verify bbb.cdg44.fr's certificate, issued by ‘/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Domain Validation CA - SHA256 - G2’:
Unable to locally verify the issuer's authority.
To connect to bbb.cdg44.fr insecurely, use `--no-check-certificate'.
administrateur@bbb:~$ wget https://bbb.cdg44.fr/default.pdf --no-check-certificate
--2017-01-26 17:13:20-- https://bbb.cdg44.fr/default.pdf
Resolving bbb.cdg44.fr (bbb.cdg44.fr)... 192.168.14.17
Connecting to bbb.cdg44.fr (bbb.cdg44.fr)|192.168.14.17|:443... connected.
WARNING: cannot verify bbb.cdg44.fr's certificate, issued by ‘/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Domain Validation CA - SHA256 - G2’:
Unable to locally verify the issuer's authority.
HTTP request sent, awaiting response... 200 OK
Length: 141727 (138K) [application/pdf]
Saving to: ‘default.pdf’
100%[=====================================================================================================================================================================>] 141,727 --.-K/s in 0s
2017-01-26 17:13:20 (414 MB/s) - ‘default.pdf’ saved [141727/141727]
To unsubscribe from this group and stop receiving emails from it, send an email to bigbluebutton-setup+unsub...@googlegroups.com.
To post to this group, send email to bigbluebu...@googlegroups.com.
Visit this group at https://groups.google.com/group/bigbluebutton-setup.
For more options, visit https://groups.google.com/d/optout.
Fred Dixon
Jan 26, 2017, 12:43:42 PM1/26/17
to bigbluebu...@googlegroups.com
Hi Eric,
> I can DL the file only with --no-check-certificate
Yes, I think this is the root of your problem.
> so you think that I have made a mistake with my cert file ?
You need to add a root certificate to your server so it will accept your cert file as valid. I don't have steps to do this at my fingertips, but you'll probably find lots of good information through Google.
Regards,... Fred
To unsubscribe from this group and stop receiving emails from it, send an email to bigbluebutton-setup+unsubscribe...@googlegroups.com.
To post to this group, send email to bigbluebu...@googlegroups.com.
Visit this group at https://groups.google.com/group/bigbluebutton-setup.
For more options, visit https://groups.google.com/d/optout.
--BigBlueButton Developer@bigbluebutton
--
You received this message because you are subscribed to the Google Groups "BigBlueButton-Setup" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bigbluebutton-setup+unsub...@googlegroups.com.
To post to this group, send email to bigbluebutton-setup@googlegroups.com.
Visit this group at https://groups.google.com/group/bigbluebutton-setup.
For more options, visit https://groups.google.com/d/optout.
Calvin Walton
Jan 26, 2017, 2:58:19 PM1/26/17
to bigbluebu...@googlegroups.com
Hi,
On Thu, 2017-01-26 at 08:17 -0800, Eric Le Foll wrote:
> thx !
>
> I can DL the file only with --no-check-certificate
>
> so you think that I have made a mistake with my cert file ?
>
> I will search in this direction !
>
> thx again !
When you are testing your SSL configuration, I highly recommend using
this site:
https://www.ssllabs.com/ssltest/
to verify that it's set up correctly. This will tell you if you're
missing something or have configuration issues with certificates.
Calvin.
--
Calvin Walton <calvin...@kepstin.ca>
BigBlueButton Developer
On Thu, 2017-01-26 at 08:17 -0800, Eric Le Foll wrote:
> thx !
>
> I can DL the file only with --no-check-certificate
>
> so you think that I have made a mistake with my cert file ?
>
> I will search in this direction !
>
> thx again !
this site:
https://www.ssllabs.com/ssltest/
to verify that it's set up correctly. This will tell you if you're
missing something or have configuration issues with certificates.
Calvin.
--
Calvin Walton <calvin...@kepstin.ca>
BigBlueButton Developer
Eric Le Foll
Jan 27, 2017, 7:28:50 AM1/27/17
to BigBlueButton-Setup
thx all !
now with the good intermediate certificate all is OK...
exept webrtc but I'will open a new thread !
Mohamed Aldesoky
Feb 15, 2017, 4:30:30 AM2/15/17
to BigBlueButton-Setup
Hi Eric,
did you find any solution aboute webRTC problem with you cause i have the same prob after install ssl certificate to my server
if you solved the problem tell me plz your solution
thanks,....Erric
Regards,.......Mohamed
did you find any solution aboute webRTC problem with you cause i have the same prob after install ssl certificate to my server
if you solved the problem tell me plz your solution
thanks,....Erric
Regards,.......Mohamed
Fred Dixon
Feb 15, 2017, 7:57:51 AM2/15/17
to bigbluebu...@googlegroups.com
Hi Mohamed,
your going to want to upgrade anyway and 1.1-beta is easier to install and has more diagnostic checks in bbb-conf --check
Regards,... Fred
--
You received this message because you are subscribed to the Google Groups "BigBlueButton-Setup" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bigbluebutton-setup+unsub...@googlegroups.com.
To post to this group, send email to bigbluebutton-setup@googlegroups.com.
Visit this group at https://groups.google.com/group/bigbluebutton-setup.
For more options, visit https://groups.google.com/d/optout.
Eric Le Foll
Feb 22, 2017, 10:33:22 AM2/22/17
to BigBlueButton-Setup
Sorry, i was away...
with a correct configuration ssl work fine.
but in ma case I was never be able to use Webrtc. configuration is to complex for me...
Sorry !
with a correct configuration ssl work fine.
but in ma case I was never be able to use Webrtc. configuration is to complex for me...
Sorry !
Reply all
Reply to author
Forward
0 new messages