Hello World Java with Let's Encrypt on AWS

mi...@ammonite.com.au
Aug 13, 2017, 9:33:27 PM
to kurento

Hi,

I have the Java hello world app working on AWS (Ubuntu 14.04).

However, it works without a trusted SSL (continue to this site anyway), but I want to get it working on my site with a Let's Encrypt SSL Certificate.

So this is the process I've followed but I'm getting a Build Failure that has me stumped:

1. Generate SSL Certificate - using Let's Encrypt, which has created these files:

/etc/letsencrypt/live/{mydomainname}/cert.pem
/etc/letsencrypt/live/{mydomainname}/chain.pem
/etc/letsencrypt/live/{mydomainname}/fullchain.pem
/etc/letsencrypt/live/{mydomainname}/privkey.pem

2. Uncomment Secure section in /etc/kurento/kurento.conf.json - (I symlinked fullchain.pem above into this directory)
{
  "mediaServer" : {
    "resources": {
    //  //Resources usage limit for raising an exception when an object creation is attempted
    //  "exceptionLimit": "0.8",
    //  // Resources usage limit for restarting the server when no objects are alive
    //  "killLimit": "0.7",
        // Garbage collector period in seconds
        "garbageCollectorPeriod": 240
    },
    "net" : {
      "websocket": {
        "port": 8888,
        "secure": {
          "port": 8433,
          "certificate": "fullchain.pem",
          "password": ""
        },
        //"registrar": {
        //  "address": "ws://localhost:9090",
        //  "localAddress": "localhost"
        //},
        "path": "kurento",
        "threads": 10
      }
    }
  }
}


3. Generate a Keystore.JKS from the Let's Encrypt Certificate for the Hello World Java App - (followed this guide: https://community.letsencrypt.org/t/how-to-use-the-certificate-for-tomcat/3677/3):

openssl pkcs12 -export -in cert.pem -inkey privkey.pem -out cert_and_key.p12 -name tomcat -CAfile chain.pem -caname root

keytool -importkeystore -deststorepass <changeit> -destkeypass <changeit> -destkeystore MyDSKeyStore.jks -srckeystore cert_and_key.p12 -srcstoretype PKCS12 -srcstorepass <thePasswordUsedInTheCommandAbove> -alias tomcat

keytool -import -trustcacerts -alias root -file chain.pem -keystore MyDSKeyStore.jks

This generated a MyDSKeyStore.jks which I put in /home/ubuntu/kurento-tutorial-java/kurento-hello-world/src/main/resources

Then modified the application.properties to:
server.port: 8443
server.ssl.key-store: MyDSKeyStore.jks
server.ssl.key-store-password: kurento
server.ssl.keyStoreType: JKS
server.ssl.keyAlias: tomcat

Now test it:
sudo service  kurento-media-server-6.0 restart
mvn compile exec:java

and it fails - looks like it starts with an error creating the heartbeat to the server  - What am I doing wrong? (full log attached)




   
   .------------------------------------.
   |                                    |
   |   | |/ /  _ _ _ ___ _ _| |_ ___    |
   |   | ' < || | '_/ -_) ' \  _/ _ \   |
   |   |_|\_\_,_|_| \___|_||_\__\___/   |
   |                                    |
   '------------------------------------'
       Kurento Java Tutorial - Hello World
       Version 6.6.0


2017-08-14 01:27:17.739  INFO 3002 --- [WorldApp.main()] o.k.tutorial.helloworld.HelloWorldApp    : Starting HelloWorldApp on ip-172-30-0-247 with PID 3002 (/home/ubuntu/kurento-tutorial-java/kurento-hello-world/target/classes started by root in /home/ubuntu/kurento-tutorial-java/kurento-hello-world)
2017-08-14 01:27:17.759  INFO 3002 --- [WorldApp.main()] o.k.tutorial.helloworld.HelloWorldApp    : No active profile set, falling back to default profiles: default
2017-08-14 01:27:17.959  INFO 3002 --- [WorldApp.main()] ationConfigEmbeddedWebApplicationContext : Refreshing org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext@17973e0: startup date [Mon Aug 14 01:27:17 UTC 2017]; root of context hierarchy
2017-08-14 01:27:20.544  INFO 3002 --- [WorldApp.main()] f.a.AutowiredAnnotationBeanPostProcessor : JSR-330 'javax.inject.Inject' annotation found and supported for autowiring
2017-08-14 01:27:21.132  INFO 3002 --- [WorldApp.main()] s.b.c.e.t.TomcatEmbeddedServletContainer : Tomcat initialized with port(s): 8443 (https)
2017-08-14 01:27:21.161  INFO 3002 --- [WorldApp.main()] o.apache.catalina.core.StandardService   : Starting service Tomcat
2017-08-14 01:27:21.164  INFO 3002 --- [WorldApp.main()] org.apache.catalina.core.StandardEngine  : Starting Servlet Engine: Apache Tomcat/8.0.28
2017-08-14 01:27:21.239  INFO 3002 --- [ost-startStop-1] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring embedded WebApplicationContext
2017-08-14 01:27:21.240  INFO 3002 --- [ost-startStop-1] o.s.web.context.ContextLoader            : Root WebApplicationContext: initialization completed in 3296 ms
2017-08-14 01:27:21.922  INFO 3002 --- [ost-startStop-1] o.s.b.c.e.ServletRegistrationBean        : Mapping servlet: 'dispatcherServlet' to [/]
2017-08-14 01:27:21.937  INFO 3002 --- [ost-startStop-1] o.s.b.c.embedded.FilterRegistrationBean  : Mapping filter: 'characterEncodingFilter' to: [/*]
2017-08-14 01:27:21.939  INFO 3002 --- [ost-startStop-1] o.s.b.c.embedded.FilterRegistrationBean  : Mapping filter: 'hiddenHttpMethodFilter' to: [/*]
2017-08-14 01:27:21.939  INFO 3002 --- [ost-startStop-1] o.s.b.c.embedded.FilterRegistrationBean  : Mapping filter: 'httpPutFormContentFilter' to: [/*]
2017-08-14 01:27:21.940  INFO 3002 --- [ost-startStop-1] o.s.b.c.embedded.FilterRegistrationBean  : Mapping filter: 'requestContextFilter' to: [/*]
2017-08-14 01:27:22.010  INFO 3002 --- [WorldApp.main()] o.s.s.c.ThreadPoolTaskScheduler          : Initializing ExecutorService  'defaultSockJsTaskScheduler'
2017-08-14 01:27:22.294  INFO 3002 --- [WorldApp.main()] org.eclipse.jetty.util.log               : Logging initialized @18116ms
2017-08-14 01:27:22.472  INFO 3002 --- [ntLoopGroup-2-1] o.k.j.c.JsonRpcClientNettyWebSocket      : [KurentoClient]  Inititating new Netty channel. Will create new handler too!
2017-08-14 01:27:22.538  WARN 3002 --- [rbeatExec-e1-t0] o.k.j.c.JsonRpcClientNettyWebSocket      : [KurentoClient]  Trying to close a JsonRpcClientNettyWebSocket with channel == null
2017-08-14 01:27:22.539  WARN 3002 --- [rbeatExec-e1-t0] o.kurento.jsonrpc.client.JsonRpcClient   : [KurentoClient]  Error sending heartbeat to server. Exception: [KurentoClient]  Exception connecting to WebSocket server ws://127.0.0.1:8888/kurento
2017-08-14 01:27:22.540  WARN 3002 --- [rbeatExec-e1-t0] o.kurento.jsonrpc.client.JsonRpcClient   : [KurentoClient]  Stopping heartbeat and closing client: failure during heartbeat mechanism
2017-08-14 01:27:22.543  INFO 3002 --- [ntLoopGroup-3-1] o.k.j.c.JsonRpcClientNettyWebSocket      : [KurentoClient]  Inititating new Netty channel. Will create new handler too!
2017-08-14 01:27:22.544  WARN 3002 --- [WorldApp.main()] o.k.j.c.JsonRpcClientNettyWebSocket      : [KurentoClient]  Trying to close a JsonRpcClientNettyWebSocket with channel == null
2017-08-14 01:27:22.545  WARN 3002 --- [WorldApp.main()] ationConfigEmbeddedWebApplicationContext : Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'webSocketHandlerMapping' defined in class org.springframework.web.socket.config.annotation.DelegatingWebSocketConfiguration: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.web.servlet.HandlerMapping]: Factory method 'webSocketHandlerMapping' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'handler': Injection of autowired dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException: Could not autowire field: private org.kurento.client.KurentoClient org.kurento.tutorial.helloworld.HelloWorldHandler.kurento; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'kurentoClient' defined in org.kurento.tutorial.helloworld.HelloWorldApp: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.kurento.client.KurentoClient]: Factory method 'kurentoClient' threw exception; nested exception is org.kurento.commons.exception.KurentoException: Exception connecting to KMS
2017-08-14 01:27:22.546  INFO 3002 --- [WorldApp.main()] o.s.s.c.ThreadPoolTaskScheduler          : Shutting down ExecutorService 'defaultSockJsTaskScheduler'
2017-08-14 01:27:22.550  INFO 3002 --- [WorldApp.main()] o.apache.catalina.core.StandardService   : Stopping service Tomcat
2017-08-14 01:27:22.563 ERROR 3002 --- [WorldApp.main()] o.s.boot.SpringApplication               : Application startup failed



Thank you very much in advance,
Mike

fulllog.txt

mi...@ammonite.com.au
Aug 14, 2017, 6:16:23 AM
to kurento

An update for others.

The SSL Certificate for the Java application did work.  Chrome must have just cached the original SSL Certificate, but when I opened it in a new browser/incognito window the demo opened with a valid https certificate.

Now the only part not working is modifying /etc/kurento/kurento.conf.json:
If I comment out the secure part below it loads, but I don't think it uses wss?

{
  "mediaServer" : {
    "resources": {
    //  //Resources usage limit for raising an exception when an object creation is attempted
    //  "exceptionLimit": "0.8",
    //  // Resources usage limit for restarting the server when no objects are alive
    //  "killLimit": "0.7",
        // Garbage collector period in seconds
        "garbageCollectorPeriod": 240
    },
    "net" : {
      "websocket": {
        "port": 8888,

//        "secure": {
//          "port": 8433,
//          "certificate": "fullchain.pem",
//          "password": ""
//        },
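
Added example, not part of the original thread: a preflight check for the PEM file that the "certificate" entry in the secure section of kurento.conf.json (step 2 of the first post and the config above) points at. It assumes, as Kurento's documentation describes, that KMS reads the certificate chain and the private key from that one file, which Let's Encrypt's fullchain.pem alone does not contain; the function names, verdict strings and sample files are constructed for this example.

```sh
#!/bin/sh
# Added example. Assumption: KMS reads certificate chain AND private key from
# the single PEM file named by "certificate" in kurento.conf.json.

# Print the label of every PEM block in file order (CERTIFICATE, PRIVATE KEY, ...).
pem_labels() {
    sed -n 's/^-----BEGIN \(.*\)-----$/\1/p' "$1"
}

# Print a one-word verdict for a candidate KMS PEM file; return 0 only for "ok".
check_kms_pem() {
    [ -r "$1" ] || { echo unreadable; return 2; }
    certs=$(pem_labels "$1" | grep -c '^CERTIFICATE$' || true)
    keys=$(pem_labels "$1" | grep -c 'PRIVATE KEY$' || true)
    [ "$certs" -ge 1 ] || { echo no-certificate; return 1; }
    [ "$keys" -ge 1 ] || { echo missing-private-key; return 1; }
    # -L follows symlinks, e.g. one pointing into /etc/letsencrypt/live/.
    mode=$(ls -lLd "$1" | cut -c1-10)
    case $mode in
        # Group-readable (5th char) or world-readable (8th char) key material.
        ????r*|???????r*) echo key-exposed; return 1 ;;
    esac
    echo ok
}

# Write constructed sample files (placeholder bodies, not real key material).
make_samples() {
    block() { printf '%s\n' "-----BEGIN $1-----" AAAA "-----END $1-----"; }
    { block CERTIFICATE; block CERTIFICATE; } > "$1/fullchain.pem"
    { block CERTIFICATE; block CERTIFICATE; block 'PRIVATE KEY'; } > "$1/cert+key.pem"
    cp "$1/cert+key.pem" "$1/cert+key-open.pem"
    chmod 600 "$1/cert+key.pem"
    chmod 644 "$1/fullchain.pem" "$1/cert+key-open.pem"
}

demo_dir=$(mktemp -d)
make_samples "$demo_dir"
for f in fullchain.pem cert+key-open.pem cert+key.pem; do
    printf '%s: %s\n' "$f" "$(check_kms_pem "$demo_dir/$f")"
done
rm -rf "$demo_dir"
```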

mi...@ammonite.com.au
Aug 14, 2017, 7:03:31 AM
to kurento

SOLVED - I was trying to connect to kurento via a webserver on a different domain and I had to put this into the Java code:
