Cant start demo 2.0.0-RC2 with SSL

[Alexandre Aguiar]

Hi, 

I trying intall a bbb 2.0.0-RC2 with SSL but getting some error messages and a http 500 when creating the demo room.

Please, can someone try help me?:)

VM ubuntu 16.04 with 4gb

Java oracle 1.8.0_171

The certificate tests are ok from browser and from server java.

For some reason bbb-web get error 

org.codehaus.groovy.grails.web.errors.GrailsExceptionResolver  - ClassCastException occurred when processing request: [POST] /bigbluebutton/api/create [B cannot be cast to java.lang.String. Stacktrace follows: java.lang.ClassCastException: [B cannot be cast to java.lang.String

I put all logs below

Cheers

Alexandre Aguiar

# java SSLPoke bbb1.fla.serpro 443

Successfully connected

# openssl s_client -connect bbb1.fla.serpro:443

CONNECTED(00000003)

depth=3 C = BR, O = ICP-Brasil, OU = Instituto Nacional de Tecnologia da Informacao - ITI, CN = Autoridade Certificadora Raiz Brasileira v2

verify return:1

depth=2 C = BR, O = ICP-Brasil, OU = Autoridade Certificadora Raiz Brasileira v2, CN = AC Secretaria da Receita Federal do Brasil v3

verify return:1

depth=1 C = BR, O = ICP-Brasil, OU = Secretaria da Receita Federal do Brasil - RFB, CN = Autoridade Certificadora do SERPRORFB SSL

verify return:1

depth=0 C = BR, O = ICP-Brasil, OU = Secretaria da Receita Federal do Brasil - RFB, OU = ARSERPRO, OU = RFB e-Servidor A1, CN = bbb1.fla.serpro

verify return:1

---

Certificate chain

 0 s:/C=BR/O=ICP-Brasil/OU=Secretaria da Receita Federal do Brasil - RFB/OU=ARSERPRO/OU=RFB e-Servidor A1/CN=bbb1.fla.serpro

   i:/C=BR/O=ICP-Brasil/OU=Secretaria da Receita Federal do Brasil - RFB/CN=Autoridade Certificadora do SERPRORFB SSL

---

Server certificate

-----BEGIN CERTIFICATE-----

MIIHQDCCBSigAwIBAgIDAuxcMA0GCSqGSIb3DQEBCwUAMIGOMQswCQYDVQQGEwJC

UjETMBEGA1UECgwKSUNQLUJyYXNpbDE2MDQGA1UECwwtU2VjcmV0YXJpYSBkYSBS

ZWNlaXRhIEZlZGVyYWwgZG8gQnJhc2lsIC0gUkZCMTIwMAYDVQQDDClBdXRvcmlk

YWRlIENlcnRpZmljYWRvcmEgZG8gU0VSUFJPUkZCIFNTTDAeFw0xODAzMjcxODA1

NTZaFw0xOTAzMjcxODA1NTZaMIGjMQswCQYDVQQGEwJCUjETMBEGA1UECgwKSUNQ

LUJyYXNpbDE2MDQGA1UECwwtU2VjcmV0YXJpYSBkYSBSZWNlaXRhIEZlZGVyYWwg

ZG8gQnJhc2lsIC0gUkZCMREwDwYDVQQLDAhBUlNFUlBSTzEaMBgGA1UECwwRUkZC

IGUtU2Vydmlkb3IgQTExGDAWBgNVBAMMD2JiYjEuZmxhLnNlcnBybzCCASIwDQYJ

KoZIhvcNAQEBBQADggEPADCCAQoCggEBAL8KZvQByjH/zq/QP/cY6LLWrBDlxaKk

4cxBsvyHQizd9w/11N+GQvr8VziTZuXqUyAVPhJvd0qrHz6XOx4I8E3sgh1j3UVl

kwAmM1XxpSse+c58ByeyQ2qVS2WhnJFA1Z1YPf1VG/VBHcmX0W0jIv18K8dHvVoc

rX9LFFl8kZiH+wad993X6QqaMrpPs+CFthiE35UwpLjjUSP1X5RNca6DF5KTsmxm

eTBS0qiQneXde6QUOar3mYlQ8eU76gy5DqhYk+rXd7Q4L22lSlAokhvrkR8qnT60

VUNvvxPVOkcLXCMRoP7SlKHxCgeNoCIfAajVik7Zf6M+aiNY09rh6q0CAwEAAaOC

Ao4wggKKMB8GA1UdIwQYMBaAFCCNEVxVwwFvq1bxg8xoqavC2rVjMF4GA1UdIARX

MFUwUwYGYEwBAgFbMEkwRwYIKwYBBQUHAgEWO2h0dHA6Ly9yZXBvc2l0b3Jpby5z

ZXJwcm8uZ292LmJyL2RvY3MvZHBjYWNzZXJwcm9yZmJzc2wucGRmMIGLBgNVHR8E

gYMwgYAwPaA7oDmGN2h0dHA6Ly9yZXBvc2l0b3Jpby5zZXJwcm8uZ292LmJyL2xj

ci9hY3NlcnByb3JmYnNzbC5jcmwwP6A9oDuGOWh0dHA6Ly9jZXJ0aWZpY2Fkb3My

LnNlcnByby5nb3YuYnIvbGNyL2Fjc2VycHJvcmZic3NsLmNybDBXBggrBgEFBQcB

AQRLMEkwRwYIKwYBBQUHMAKGO2h0dHA6Ly9yZXBvc2l0b3Jpby5zZXJwcm8uZ292

LmJyL2NhZGVpYXMvYWNzZXJwcm9yZmJzc2wucDdiMIHwBgNVHREEgegwgeWgOwYF

YEwBAwigMgQwU0VSVklDTyBGRURFUkFMIERFIFBST0NFU1NBTUVOVE8gREUgREFE

T1MgU0VSUFJPgg9iYmIxLmZsYS5zZXJwcm+gOAYFYEwBAwSgLwQtMTUwNzE5NzY3

Mjg0NDExNjM1MzAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwoCMGBWBMAQMCoBoE

GE1BUklBIFNUQUVMIE1FTE8gU0FNUEFJT6AZBgVgTAEDA6AQBA4zMzY4MzExMTAw

MDEwN4EbbWFyaWEuc2FtcGFpb0BzZXJwcm8uZ292LmJyMA4GA1UdDwEB/wQEAwIF

4DAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQAD

ggIBAGL88SUUckMEFSmIXcUC2L0ZTHplxu3gfmAfkJ3X5N0XSepYXIe0Wzihy937

wEQ9WVmFJ1u3AXmt+A7kkEYwjLUKjHGlWTV1TqdqfPpZipWfeajB1efaLhbCyIDs

U2M7ojkg42UEOtzpo8x8lGsd586P6cQ/vfNVa7+GH8bAm8glLbj7KiCOy8p+5pAC

8Rpzc0DtMuB1KYM0buXk98OUXjhUAxq3DRi6Qp6I/hUzkC7NfwUecOsLY1IX89I2

ecvCm9oaw+hbBRqr0oMmWCDw50KTI7MGyr8yiPj8x3RBWMfgLF8D1VafdsSXTGVJ

bbyHlfbwQopg10iPm4r0CVvOuSWAhou32CpjpU4pDl+Aromidl1RIWlUCmd9SulQ

HlKP1ZQvxN2mRJuwLY4Nm4LxxgBAbqQruTExsFeAPzggQ3RrhA2yjo2ZKPXiDM/E

sCWPgyOltRVBb1U9C05fJDpOal6qQInoeId469WWMnb6uIryx3xOyluDWwdk4rYZ

qUUguU2faWdgzppkXBowXf/yTldBR58CEtruLvHsfXrbx6GleubbKh/Y176pu+uO

E2hlKEhxsKdtryvHONhL/CrkpQrXdG5iOL6d5qKVE9i/mNyQoVGaFHPwjOQpMbvM

GYLg5B6tEOb8nU6gmv+SPNorNHW2ChecqLMrgf6Bb60nUQF2

-----END CERTIFICATE-----

subject=/C=BR/O=ICP-Brasil/OU=Secretaria da Receita Federal do Brasil - RFB/OU=ARSERPRO/OU=RFB e-Servidor A1/CN=bbb1.fla.serpro

issuer=/C=BR/O=ICP-Brasil/OU=Secretaria da Receita Federal do Brasil - RFB/CN=Autoridade Certificadora do SERPRORFB SSL

---

No client certificate CA names sent

Peer signing digest: SHA512

Server Temp Key: ECDH, P-256, 256 bits

---

SSL handshake has read 2535 bytes and written 431 bytes

---

New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256

Server public key is 2048 bit

Secure Renegotiation IS supported

Compression: NONE

Expansion: NONE

No ALPN negotiated

SSL-Session:

    Protocol  : TLSv1.2

    Cipher    : ECDHE-RSA-AES128-GCM-SHA256

    Session-ID: 39FC4600F354921E888E3D9C0F8437AEF8CE5D70A486CE58FDD90F1316B5970A

    Session-ID-ctx: 

    Master-Key: 300EF35D461706402C98BB0D4952823B50295E01120F3A3D8658A2CC52D7785ECB8924A0D47DB803970519F5A7A2B615

    Key-Arg   : None

    PSK identity: None

    PSK identity hint: None

    SRP username: None

    TLS session ticket lifetime hint: 600 (seconds)

    TLS session ticket:

    0000 - 0b 89 d2 ec b8 c4 19 0c-8e a9 1f a9 29 1a 2c 7b   ............).,{

    0010 - ea a7 97 4b f3 49 ba 3f-5b b2 6c b9 8a 67 a5 44   ...K.I.?[.l..g.D

    0020 - 62 b3 4c 14 c1 18 93 53-ca 54 e9 b2 9c c3 c8 64   b.L....S.T.....d

    0030 - c6 4d e3 61 d7 45 e0 59-d7 b8 7b ea 6f 1f 4f 6f   .M.a.E.Y..{.o.Oo

    0040 - 7a ef b2 de 9e 79 89 a4-f5 29 53 36 27 0f 55 60   z....y...)S6'.U`

    0050 - c2 2f 80 a3 04 b3 1e 23-4d b2 74 88 c3 b4 64 fa   ./.....#M.t...d.

    0060 - 79 ab 09 71 f6 b9 00 d3-25 eb 71 61 6d e4 12 8f   y..q....%.qam...

    0070 - 1a 36 a3 61 1f b5 5e 60-47 45 9d d9 9f 3e 6d 58   .6.a..^`GE...>mX

    0080 - 2a 8e 41 3e 50 57 d7 3e-c0 46 e0 39 9d 48 47 41   *.A>PW.>.F.9.HGA

    0090 - e2 a4 ac 1e 1d 03 f3 e1-fc ea 2e 07 6e 46 96 84   ............nF..

    00a0 - b3 13 ce fd 08 3e c2 4d-31 01 17 2b 26 4a eb b3   .....>.M1..+&J..

    Start Time: 1531921784

    Timeout   : 300 (sec)

    Verify return code: 0 (ok)

---

from /var/log/bigbluebutton/bbb-web.log 

2018-07-18T10:22:37.892-03:00 ERROR org.codehaus.groovy.grails.web.errors.GrailsExceptionResolver  - ClassCastException occurred when processing request: [POST] /bigbluebutton/api/create

[B cannot be cast to java.lang.String. Stacktrace follows:

java.lang.ClassCastException: [B cannot be cast to java.lang.String

at org.apache.http.conn.ssl.DefaultHostnameVerifier.getSubjectAltNames(DefaultHostnameVerifier.java:309)

at org.apache.http.conn.ssl.DefaultHostnameVerifier.verify(DefaultHostnameVerifier.java:112)

at org.apache.http.conn.ssl.DefaultHostnameVerifier.verify(DefaultHostnameVerifier.java:99)

at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:463)

at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:397)

at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355)

at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)

at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:359)

at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:381)

at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237)

at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185)

at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)

at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:111)

at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)

at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:72)

at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:221)

at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:165)

at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:140)

at org.bigbluebutton.api.ParamsProcessorUtil.getConfig(ParamsProcessorUtil.java:558)

at org.bigbluebutton.api.ParamsProcessorUtil.getDefaultConfigXML(ParamsProcessorUtil.java:530)

at org.bigbluebutton.api.ParamsProcessorUtil.processCreateParams(ParamsProcessorUtil.java:467)

at org.bigbluebutton.web.controllers.ApiController$_closure3.doCall(ApiController.groovy:163)

at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)

at java.lang.Thread.run(Thread.java:748)

from /var/lib/tomcat7/logs/catalina.out

2018-07-18T10:22:37.892-03:00 ERROR org.codehaus.groovy.grails.web.errors.GrailsExceptionResolver  - ClassCastException occurred when processing request: [POST] /bigbluebutton/api/create

[B cannot be cast to java.lang.String. Stacktrace follows:

java.lang.ClassCastException: [B cannot be cast to java.lang.String

at org.apache.http.conn.ssl.DefaultHostnameVerifier.getSubjectAltNames(DefaultHostnameVerifier.java:309)

at org.apache.http.conn.ssl.DefaultHostnameVerifier.verify(DefaultHostnameVerifier.java:112)

at org.apache.http.conn.ssl.DefaultHostnameVerifier.verify(DefaultHostnameVerifier.java:99)

at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:463)

at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:397)

at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355)

at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)

at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:359)

at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:381)

at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237)

at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185)

at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)

at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:111)

at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)

at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:72)

at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:221)

at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:165)

at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:140)

at org.bigbluebutton.api.ParamsProcessorUtil.getConfig(ParamsProcessorUtil.java:558)

at org.bigbluebutton.api.ParamsProcessorUtil.getDefaultConfigXML(ParamsProcessorUtil.java:530)

at org.bigbluebutton.api.ParamsProcessorUtil.processCreateParams(ParamsProcessorUtil.java:467)

at org.bigbluebutton.web.controllers.ApiController$_closure3.doCall(ApiController.groovy:163)

at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)

at java.lang.Thread.run(Thread.java:748)

java.io.IOException: Server returned HTTP response code: 500 for URL: https://bbb1.fla.serpro/bigbluebutton/api/create?name=Demo+Meeting&meetingID=Demo+Meeting&voiceBridge=73120&attendeePW=ap&moderatorPW=mp&isBreakoutRoom=false&record=false&checksum=ddf7b2d30e4656d2bf52527507813e3cd201f491

at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1894)

at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492)

at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:263)

at org.apache.jsp.demo1_jsp.postURL(demo1_jsp.java:863)

at org.apache.jsp.demo1_jsp.postURL(demo1_jsp.java:832)

at org.apache.jsp.demo1_jsp.getJoinURLExtended(demo1_jsp.java:253)

at org.apache.jsp.demo1_jsp.getJoinURL(demo1_jsp.java:182)

at org.apache.jsp.demo1_jsp._jspService(demo1_jsp.java:1241)

at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)

at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:439)

at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:395)

at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:339)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:221)

at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)

at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)

at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)

at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)

at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)

at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)

at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:436)

at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1078)

at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625)

at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:316)

at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)

at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)

at java.lang.Thread.run(Thread.java:748)

java.lang.NullPointerException

at java.io.StringReader.<init>(StringReader.java:50)

at org.apache.jsp.demo1_jsp.parseXml(demo1_jsp.java:895)

at org.apache.jsp.demo1_jsp.getJoinURLExtended(demo1_jsp.java:253)

at org.apache.jsp.demo1_jsp.getJoinURL(demo1_jsp.java:182)

at org.apache.jsp.demo1_jsp._jspService(demo1_jsp.java:1241)

at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)

at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:439)

at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:395)

at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:339)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)

at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:221)

at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)

at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)

at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)

at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)

at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)

at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)

at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:436)

at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1078)

at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625)

at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:316)

at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)

at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)

at java.lang.Thread.run(Thread.java:748)

[Chad Pilkey]

Is that a self-signed certificate? If it is, I think tomcat has its own internal certstore and you'll have to allow the certificate in there.

[Alexandre Aguiar]

Hi Chad,

Its not a self signer certificate, its from ICP-Brasil CA.

I purge tomcat and bigbluebutton and reinstall. Without SSL all is ok, follow install steps carefully and get this error.

/var/log/bigbluebutton/bbb-web.log.2018-07-18:2018-07-18T12:08:38.102-03:00 ERROR org.codehaus.groovy.grails.web.errors.GrailsExceptionResolver  - ClassCastException occurred when processing request: [POST] /bigbluebutton/api/create

/var/log/bigbluebutton/bbb-web.log.2018-07-18:java.lang.ClassCastException: [B cannot be cast to java.lang.String

I already put all CRT files in keytore with keytool and test with SSLPoke(https://gist.github.com/4ndrej/4547029) and openssl.

~/certs$ java -Djavax.net.ssl.trustStore=/usr/lib/jvm/java-1.8.0-openjdk-amd64/jre/lib/security/cacerts SSLPoke bbb1.fla.serpro 443

Successfully connected

This is my bbb-conf --check

$ bbb-conf --check

Need to be root to run this option

serpro@bbb1:~/certs$ sudo bbb-conf --check

BigBlueButton Server 2.0.0-RC2 (1010)

                    Kernel version: 4.4.0-121-generic

                      Distribution: Ubuntu 16.04.4 LTS (64-bit)

                            Memory: 4045 MB

/var/www/bigbluebutton/client/conf/config.xml (bbb-client)

  Port test (tunnel): rtmp://bbb1.fla.serpro

                              red5: bbb1.fla.serpro

              useWebrtcIfAvailable: true

/opt/freeswitch/etc/freeswitch/sip_profiles/external.xml (FreeSWITCH)

                         websocket: :7443

                    WebRTC enabled: true

/etc/nginx/sites-available/bigbluebutton (nginx)

                       server name: bbb1.fla.serpro

                              port: 80, [::]:80

                              port: 443 ssl

                    bbb-client dir: /var/www/bigbluebutton

/var/lib/tomcat7/webapps/bigbluebutton/WEB-INF/classes/bigbluebutton.properties (bbb-web)

                      bbb-web host: bbb1.fla.serpro

/var/lib/tomcat7/webapps/demo/bbb_api_conf.jsp (API demos)

                               url: bbb1.fla.serpro

/var/www/bigbluebutton/check/conf/config.xml (client check)

                      client check: bbb1.fla.serpro

/usr/share/red5/webapps/bigbluebutton/WEB-INF/red5-web.xml (red5)

                  voice conference: FreeSWITCH

/usr/local/bigbluebutton/core/scripts/bigbluebutton.yml (record and playback)

                     playback host: bbb1.fla.serpro

                            ffmpeg: 4.0.1-0york0~16.04

** Potential problems described below **

# Warning: API URL IPs do not match host:

#

#                                IP from ifconfig: 10.200.176.82

#  /var/lib/tomcat7/webapps/demo/bbb_api_conf.jsp: bbb1.fla.serpro

# Warning: The API demos are installed and accessible from:

#

#    https://bbb1.fla.serpro/demo/demo1.jsp

#

# These API demos allow anyone to access your server without authentication

# to create/manage meetings and recordings. They are for testing purposes only.

# If you are running a production system, remove them by running:

#

#    sudo apt-get purge bbb-demo

# Warning: The client self check is installed and accessible from:

#

#    https://bbb1.fla.serpro/check

#

Thanks for help

Alexandre Aguiar

--
You received this message because you are subscribed to the Google Groups "BigBlueButton-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bigbluebutton-dev+unsubscribe@googlegroups.com.
To post to this group, send email to bigbluebutton-dev@googlegroups.com.
Visit this group at https://groups.google.com/group/bigbluebutton-dev.
For more options, visit https://groups.google.com/d/optout.

[Alexandre Aguiar]

Hi Chad,

Its possible that this error message be related with this gradle bug.

https://github.com/gradle/gradle/issues/3663

https://issues.apache.org/jira/browse/HTTPCLIENT-1836

Cheers

2018-07-18 14:22 GMT-03:00 Chad Pilkey <capi...@gmail.com>:

[Alexandre Aguiar]

Hi,

Other note, i full remove 2.0 version and downgrade to 1.1 with success, no SSL errors.

Cheers

2018-07-18 14:22 GMT-03:00 Chad Pilkey <capi...@gmail.com>:

[Fred Dixon]

Hi Alexandre,

Can you check your SSL configuration with SSL Labs and see if you get any errors

  http://docs.bigbluebutton.org/install/install.html#test-your-https-configuration

Regards,... Fred

To unsubscribe from this group and stop receiving emails from it, send an email to bigbluebutton-...@googlegroups.com.
To post to this group, send email to bigblueb...@googlegroups.com.

Visit this group at https://groups.google.com/group/bigbluebutton-dev.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "BigBlueButton-dev" group.

To unsubscribe from this group and stop receiving emails from it, send an email to bigbluebutton-...@googlegroups.com.
To post to this group, send email to bigblueb...@googlegroups.com.

Visit this group at https://groups.google.com/group/bigbluebutton-dev.
For more options, visit https://groups.google.com/d/optout.

--

BigBlueButton Developer

http://bigbluebutton.org/

@bigbluebutton

[Chad Pilkey]

The message in the issues looks very similar to your exception. I don't know if it is applicable to BBB though because I'm pretty sure we still use gradle 2.12. I could be a dependency in one of the other components though.

Thanks for the follow up about the downgrade working also. It's very strange that this is the first time I've seen this reported here.

To unsubscribe from this group and stop receiving emails from it, send an email to bigbluebutton-...@googlegroups.com.
To post to this group, send email to bigblueb...@googlegroups.com.