I trying intall a bbb 2.0.0-RC2 with SSL but getting some error messages and a http 500 when creating the demo room.
The certificate tests are ok from browser and from server java.
# java SSLPoke bbb1.fla.serpro 443
Successfully connected
# openssl s_client -connect bbb1.fla.serpro:443
CONNECTED(00000003)
depth=3 C = BR, O = ICP-Brasil, OU = Instituto Nacional de Tecnologia da Informacao - ITI, CN = Autoridade Certificadora Raiz Brasileira v2
verify return:1
depth=2 C = BR, O = ICP-Brasil, OU = Autoridade Certificadora Raiz Brasileira v2, CN = AC Secretaria da Receita Federal do Brasil v3
verify return:1
depth=1 C = BR, O = ICP-Brasil, OU = Secretaria da Receita Federal do Brasil - RFB, CN = Autoridade Certificadora do SERPRORFB SSL
verify return:1
depth=0 C = BR, O = ICP-Brasil, OU = Secretaria da Receita Federal do Brasil - RFB, OU = ARSERPRO, OU = RFB e-Servidor A1, CN = bbb1.fla.serpro
verify return:1
---
Certificate chain
0 s:/C=BR/O=ICP-Brasil/OU=Secretaria da Receita Federal do Brasil - RFB/OU=ARSERPRO/OU=RFB e-Servidor A1/CN=bbb1.fla.serpro
i:/C=BR/O=ICP-Brasil/OU=Secretaria da Receita Federal do Brasil - RFB/CN=Autoridade Certificadora do SERPRORFB SSL
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIHQDCCBSigAwIBAgIDAuxcMA0GCSqGSIb3DQEBCwUAMIGOMQswCQYDVQQGEwJC
UjETMBEGA1UECgwKSUNQLUJyYXNpbDE2MDQGA1UECwwtU2VjcmV0YXJpYSBkYSBS
ZWNlaXRhIEZlZGVyYWwgZG8gQnJhc2lsIC0gUkZCMTIwMAYDVQQDDClBdXRvcmlk
YWRlIENlcnRpZmljYWRvcmEgZG8gU0VSUFJPUkZCIFNTTDAeFw0xODAzMjcxODA1
NTZaFw0xOTAzMjcxODA1NTZaMIGjMQswCQYDVQQGEwJCUjETMBEGA1UECgwKSUNQ
LUJyYXNpbDE2MDQGA1UECwwtU2VjcmV0YXJpYSBkYSBSZWNlaXRhIEZlZGVyYWwg
ZG8gQnJhc2lsIC0gUkZCMREwDwYDVQQLDAhBUlNFUlBSTzEaMBgGA1UECwwRUkZC
IGUtU2Vydmlkb3IgQTExGDAWBgNVBAMMD2JiYjEuZmxhLnNlcnBybzCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAL8KZvQByjH/zq/QP/cY6LLWrBDlxaKk
4cxBsvyHQizd9w/11N+GQvr8VziTZuXqUyAVPhJvd0qrHz6XOx4I8E3sgh1j3UVl
kwAmM1XxpSse+c58ByeyQ2qVS2WhnJFA1Z1YPf1VG/VBHcmX0W0jIv18K8dHvVoc
rX9LFFl8kZiH+wad993X6QqaMrpPs+CFthiE35UwpLjjUSP1X5RNca6DF5KTsmxm
eTBS0qiQneXde6QUOar3mYlQ8eU76gy5DqhYk+rXd7Q4L22lSlAokhvrkR8qnT60
VUNvvxPVOkcLXCMRoP7SlKHxCgeNoCIfAajVik7Zf6M+aiNY09rh6q0CAwEAAaOC
Ao4wggKKMB8GA1UdIwQYMBaAFCCNEVxVwwFvq1bxg8xoqavC2rVjMF4GA1UdIARX
MFUwUwYGYEwBAgFbMEkwRwYIKwYBBQUHAgEWO2h0dHA6Ly9yZXBvc2l0b3Jpby5z
ZXJwcm8uZ292LmJyL2RvY3MvZHBjYWNzZXJwcm9yZmJzc2wucGRmMIGLBgNVHR8E
gYMwgYAwPaA7oDmGN2h0dHA6Ly9yZXBvc2l0b3Jpby5zZXJwcm8uZ292LmJyL2xj
ci9hY3NlcnByb3JmYnNzbC5jcmwwP6A9oDuGOWh0dHA6Ly9jZXJ0aWZpY2Fkb3My
LnNlcnByby5nb3YuYnIvbGNyL2Fjc2VycHJvcmZic3NsLmNybDBXBggrBgEFBQcB
AQRLMEkwRwYIKwYBBQUHMAKGO2h0dHA6Ly9yZXBvc2l0b3Jpby5zZXJwcm8uZ292
LmJyL2NhZGVpYXMvYWNzZXJwcm9yZmJzc2wucDdiMIHwBgNVHREEgegwgeWgOwYF
YEwBAwigMgQwU0VSVklDTyBGRURFUkFMIERFIFBST0NFU1NBTUVOVE8gREUgREFE
T1MgU0VSUFJPgg9iYmIxLmZsYS5zZXJwcm+gOAYFYEwBAwSgLwQtMTUwNzE5NzY3
Mjg0NDExNjM1MzAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwoCMGBWBMAQMCoBoE
GE1BUklBIFNUQUVMIE1FTE8gU0FNUEFJT6AZBgVgTAEDA6AQBA4zMzY4MzExMTAw
MDEwN4EbbWFyaWEuc2FtcGFpb0BzZXJwcm8uZ292LmJyMA4GA1UdDwEB/wQEAwIF
4DAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQAD
ggIBAGL88SUUckMEFSmIXcUC2L0ZTHplxu3gfmAfkJ3X5N0XSepYXIe0Wzihy937
wEQ9WVmFJ1u3AXmt+A7kkEYwjLUKjHGlWTV1TqdqfPpZipWfeajB1efaLhbCyIDs
U2M7ojkg42UEOtzpo8x8lGsd586P6cQ/vfNVa7+GH8bAm8glLbj7KiCOy8p+5pAC
8Rpzc0DtMuB1KYM0buXk98OUXjhUAxq3DRi6Qp6I/hUzkC7NfwUecOsLY1IX89I2
ecvCm9oaw+hbBRqr0oMmWCDw50KTI7MGyr8yiPj8x3RBWMfgLF8D1VafdsSXTGVJ
bbyHlfbwQopg10iPm4r0CVvOuSWAhou32CpjpU4pDl+Aromidl1RIWlUCmd9SulQ
HlKP1ZQvxN2mRJuwLY4Nm4LxxgBAbqQruTExsFeAPzggQ3RrhA2yjo2ZKPXiDM/E
sCWPgyOltRVBb1U9C05fJDpOal6qQInoeId469WWMnb6uIryx3xOyluDWwdk4rYZ
qUUguU2faWdgzppkXBowXf/yTldBR58CEtruLvHsfXrbx6GleubbKh/Y176pu+uO
E2hlKEhxsKdtryvHONhL/CrkpQrXdG5iOL6d5qKVE9i/mNyQoVGaFHPwjOQpMbvM
GYLg5B6tEOb8nU6gmv+SPNorNHW2ChecqLMrgf6Bb60nUQF2
-----END CERTIFICATE-----
subject=/C=BR/O=ICP-Brasil/OU=Secretaria da Receita Federal do Brasil - RFB/OU=ARSERPRO/OU=RFB e-Servidor A1/CN=bbb1.fla.serpro
issuer=/C=BR/O=ICP-Brasil/OU=Secretaria da Receita Federal do Brasil - RFB/CN=Autoridade Certificadora do SERPRORFB SSL
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 2535 bytes and written 431 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: 39FC4600F354921E888E3D9C0F8437AEF8CE5D70A486CE58FDD90F1316B5970A
Session-ID-ctx:
Master-Key: 300EF35D461706402C98BB0D4952823B50295E01120F3A3D8658A2CC52D7785ECB8924A0D47DB803970519F5A7A2B615
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 600 (seconds)
TLS session ticket:
0000 - 0b 89 d2 ec b8 c4 19 0c-8e a9 1f a9 29 1a 2c 7b ............).,{
0010 - ea a7 97 4b f3 49 ba 3f-5b b2 6c b9 8a 67 a5 44 ...K.I.?[.l..g.D
0020 - 62 b3 4c 14 c1 18 93 53-ca 54 e9 b2 9c c3 c8 64 b.L....S.T.....d
0030 - c6 4d e3 61 d7 45 e0 59-d7 b8 7b ea 6f 1f 4f 6f .M.a.E.Y..{.o.Oo
0040 - 7a ef b2 de 9e 79 89 a4-f5 29 53 36 27 0f 55 60 z....y...)S6'.U`
0050 - c2 2f 80 a3 04 b3 1e 23-4d b2 74 88 c3 b4 64 fa ./.....#M.t...d.
0060 - 79 ab 09 71 f6 b9 00 d3-25 eb 71 61 6d e4 12 8f y..q....%.qam...
0070 - 1a 36 a3 61 1f b5 5e 60-47 45 9d d9 9f 3e 6d 58 .6.a..^`GE...>mX
0080 - 2a 8e 41 3e 50 57 d7 3e-c0 46 e0 39 9d 48 47 41 *.A>PW.>.F.9.HGA
0090 - e2 a4 ac 1e 1d 03 f3 e1-fc ea 2e 07 6e 46 96 84 ............nF..
00a0 - b3 13 ce fd 08 3e c2 4d-31 01 17 2b 26 4a eb b3 .....>.M1..+&J..
Start Time: 1531921784
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
from /var/log/bigbluebutton/bbb-web.log
2018-07-18T10:22:37.892-03:00 ERROR org.codehaus.groovy.grails.web.errors.GrailsExceptionResolver - ClassCastException occurred when processing request: [POST] /bigbluebutton/api/create
[B cannot be cast to java.lang.String. Stacktrace follows:
java.lang.ClassCastException: [B cannot be cast to java.lang.String
at org.apache.http.conn.ssl.DefaultHostnameVerifier.getSubjectAltNames(DefaultHostnameVerifier.java:309)
at org.apache.http.conn.ssl.DefaultHostnameVerifier.verify(DefaultHostnameVerifier.java:112)
at org.apache.http.conn.ssl.DefaultHostnameVerifier.verify(DefaultHostnameVerifier.java:99)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:463)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:397)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355)
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:359)
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:381)
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237)
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185)
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:111)
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:72)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:221)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:165)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:140)
at org.bigbluebutton.api.ParamsProcessorUtil.getConfig(ParamsProcessorUtil.java:558)
at org.bigbluebutton.api.ParamsProcessorUtil.getDefaultConfigXML(ParamsProcessorUtil.java:530)
at org.bigbluebutton.api.ParamsProcessorUtil.processCreateParams(ParamsProcessorUtil.java:467)
at org.bigbluebutton.web.controllers.ApiController$_closure3.doCall(ApiController.groovy:163)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
from /var/lib/tomcat7/logs/catalina.out
2018-07-18T10:22:37.892-03:00 ERROR org.codehaus.groovy.grails.web.errors.GrailsExceptionResolver - ClassCastException occurred when processing request: [POST] /bigbluebutton/api/create
[B cannot be cast to java.lang.String. Stacktrace follows:
java.lang.ClassCastException: [B cannot be cast to java.lang.String
at org.apache.http.conn.ssl.DefaultHostnameVerifier.getSubjectAltNames(DefaultHostnameVerifier.java:309)
at org.apache.http.conn.ssl.DefaultHostnameVerifier.verify(DefaultHostnameVerifier.java:112)
at org.apache.http.conn.ssl.DefaultHostnameVerifier.verify(DefaultHostnameVerifier.java:99)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:463)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:397)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355)
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:359)
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:381)
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237)
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185)
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:111)
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:72)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:221)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:165)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:140)
at org.bigbluebutton.api.ParamsProcessorUtil.getConfig(ParamsProcessorUtil.java:558)
at org.bigbluebutton.api.ParamsProcessorUtil.getDefaultConfigXML(ParamsProcessorUtil.java:530)
at org.bigbluebutton.api.ParamsProcessorUtil.processCreateParams(ParamsProcessorUtil.java:467)
at org.bigbluebutton.web.controllers.ApiController$_closure3.doCall(ApiController.groovy:163)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1894)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:263)
at org.apache.jsp.demo1_jsp.postURL(demo1_jsp.java:863)
at org.apache.jsp.demo1_jsp.postURL(demo1_jsp.java:832)
at org.apache.jsp.demo1_jsp.getJoinURLExtended(demo1_jsp.java:253)
at org.apache.jsp.demo1_jsp.getJoinURL(demo1_jsp.java:182)
at org.apache.jsp.demo1_jsp._jspService(demo1_jsp.java:1241)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:439)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:395)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:339)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:221)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:436)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1078)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:316)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
java.lang.NullPointerException
at java.io.StringReader.<init>(StringReader.java:50)
at org.apache.jsp.demo1_jsp.parseXml(demo1_jsp.java:895)
at org.apache.jsp.demo1_jsp.getJoinURLExtended(demo1_jsp.java:253)
at org.apache.jsp.demo1_jsp.getJoinURL(demo1_jsp.java:182)
at org.apache.jsp.demo1_jsp._jspService(demo1_jsp.java:1241)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:439)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:395)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:339)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:221)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:436)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1078)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:316)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)