Can't connect to openvidu, certificate error.
1,758 views
Skip to first unread message
aardbol...@gmail.com
Mar 7, 2018, 4:40:25 AM3/7/18
to OpenVidu
Hi,
I have the following setup.
Webserver where the app lives, and a KMS-Openvidu server. Ssl certificate with a jks file. Started within docker.
When i connect to the app over https:// on my website on the webserver with no Firewall on the client i can stream my camera and i see the other everything works perfect.
But when i'm streaming with Firewall on thus only port 80 and 443 open, i will see my stream but not the others, get a certificate error : if you are not debugging, this is probably a certificate error at https://domainname.nl:8443. Click ok to navigate and accept it.
Any one an suggestion?
I have the following setup.
Webserver where the app lives, and a KMS-Openvidu server. Ssl certificate with a jks file. Started within docker.
When i connect to the app over https:// on my website on the webserver with no Firewall on the client i can stream my camera and i see the other everything works perfect.
But when i'm streaming with Firewall on thus only port 80 and 443 open, i will see my stream but not the others, get a certificate error : if you are not debugging, this is probably a certificate error at https://domainname.nl:8443. Click ok to navigate and accept it.
Any one an suggestion?
Micael Gallego
Mar 7, 2018, 4:45:46 AM3/7/18
to aardbol...@gmail.com, OpenVidu
Have you tried to go to https://domainname.nl:8443 and accepted the self-signed certificate?
Then, you have to configure openvidu-server with that certificate to avoid problems in the browser.
Best regards
Micael Gallego
Kurento / OpenVidu Project Lead
--
You received this message because you are subscribed to the Google Groups "OpenVidu" group.
To unsubscribe from this group and stop receiving emails from it, send an email to openvidu+unsubscribe@googlegroups.com.
To post to this group, send email to open...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/openvidu/0ec8a5d1-6ad3-4b9d-b7d7-9dd1f53ecf9e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Message has been deleted
aardbol...@gmail.com
Mar 7, 2018, 4:59:21 AM3/7/18
to OpenVidu
Hi Micael,
I have already a certificate with letsencrypt following this guide http://openvidu.io/docs/deployment/custom-certificate/#for-the-docker-container-of-openvidu-server.
And start the docker container with the certificate options.
Looks like the error only show up when the firewall blocked 8443
Op woensdag 7 maart 2018 10:40:25 UTC+1 schreef aardbol...@gmail.com:
I have already a certificate with letsencrypt following this guide http://openvidu.io/docs/deployment/custom-certificate/#for-the-docker-container-of-openvidu-server.
And start the docker container with the certificate options.
Looks like the error only show up when the firewall blocked 8443
Op woensdag 7 maart 2018 10:40:25 UTC+1 schreef aardbol...@gmail.com:
Micael Gallego
Mar 7, 2018, 5:18:22 AM3/7/18
to aardbol...@gmail.com, OpenVidu
You need to open port 8443 in your firewall. If not, the browser won't connect to openvidu-server.
Best regards
Micael Gallego
Kurento / OpenVidu Project Lead
--
You received this message because you are subscribed to the Google Groups "OpenVidu" group.
To unsubscribe from this group and stop receiving emails from it, send an email to openvidu+unsubscribe@googlegroups.com.
To post to this group, send email to open...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/openvidu/ddb75d03-e1ac-40cf-aa64-4d41c034f98c%40googlegroups.com.
Pablo
Mar 7, 2018, 5:23:55 AM3/7/18
to OpenVidu
Message "if you are not debugging, this is probably a certificate error..." appears whenever the browser cannot connect to your OpenVidu Server by websocket. The most common case for this is when the certficate of OpenVidu Server is not valid, but if you only have ports 80 and 443 opened and you are blocking 8443, the conenction cannot be established. To sum up, if you naviagate to https://YOUR_OPENVIDU_SERVER_IP:8443 and you don't see OpenVidu dashboard, the alert message will appear for sure when connecting to a session.
To fix this you should serve your OpenVidu Server in an opened port (property server.port=XXXX on launch).
By the way, WebRTC needs some ports opened in order to work ok. If you block all but two ports, your media connections may fail. Here you hace the server network requirements: http://openvidu.io/docs/deployment/deploying-ubuntu/#server-network-requirements that should be met in both your server side (where your KMS lives) and your client side.
aardbol...@gmail.com
Mar 7, 2018, 5:24:43 AM3/7/18
to OpenVidu
Hi Micael,
On the server site the port 8443 is open, only on the client site the port is firewalled by customer.
I can't tell every user which is going to use the applicaction to open port 8443
How to work around this?
On the server site the port 8443 is open, only on the client site the port is firewalled by customer.
I can't tell every user which is going to use the applicaction to open port 8443
How to work around this?
Hi,
Micael Gallego
Mar 7, 2018, 5:27:02 AM3/7/18
to aardbol...@gmail.com, OpenVidu
Ok, I understand,
Then, you have two options:
* Install a proxy in 433 and dispatch to web application and to OpenVidu server in different paths.
* Install web application in one domain with 443 and install OpenVidu server in other domain with port 443.
Best regards
Micael Gallego
Kurento / OpenVidu Project Lead
--
You received this message because you are subscribed to the Google Groups "OpenVidu" group.
To unsubscribe from this group and stop receiving emails from it, send an email to openvidu+unsubscribe@googlegroups.com.
To post to this group, send email to open...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/openvidu/47331abc-aff0-4b31-b780-53f0e477036f%40googlegroups.com.
Message has been deleted
Micael Gallego
Mar 7, 2018, 10:47:53 AM3/7/18
to aardbol...@gmail.com, OpenVidu
Use -p option in docker run.
For example:
docker run -p 443:8443 --rm -e KMS_STUN_IP=stun.l.google.com -e KMS_STUN_PORT=19302 -e openvidu.secret=MY_SECRET openvidu/openvidu-server-kms
Best regards
Micael Gallego
Kurento / OpenVidu Project Lead
On Wed, Mar 7, 2018 at 11:55 AM, <aardbol...@gmail.com> wrote:
Hi,
How to run openvidu on another port then 8443 with docker, can't figure it out.
Op woensdag 7 maart 2018 10:40:25 UTC+1 schreef aardbol...@gmail.com:
Hi,
--
You received this message because you are subscribed to the Google Groups "OpenVidu" group.
To unsubscribe from this group and stop receiving emails from it, send an email to openvidu+unsubscribe@googlegroups.com.
To post to this group, send email to open...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/openvidu/eed35a81-8ade-4ce1-99f2-a46b45ef1097%40googlegroups.com.
aardbol...@gmail.com
Mar 14, 2018, 5:19:21 AM3/14/18
to OpenVidu
Hi All,
Looks like the client's firewall is blocking port 8443. When i'm going to the openvidu.io site and choose demos and then Basic Videoconference and then choose try it now and then join a video session. i see this error : demos.openvidu.io shows:
If you are not debugging, this is probably a certificate error at "https://demos.openvidu.io:8443"
Click OK to navigate and accept it
Can't change the firewall rules on client site.
Best regards,
Looks like the client's firewall is blocking port 8443. When i'm going to the openvidu.io site and choose demos and then Basic Videoconference and then choose try it now and then join a video session. i see this error : demos.openvidu.io shows:
If you are not debugging, this is probably a certificate error at "https://demos.openvidu.io:8443"
Click OK to navigate and accept it
Can't change the firewall rules on client site.
Best regards,
Hi,
Micael Gallego
Mar 14, 2018, 10:28:51 AM3/14/18
to aardbol...@gmail.com, OpenVidu
Our demos are located in 8443 port.
But you can publish your demo in the the port you want.
Best regards
Micael Gallego
Kurento / OpenVidu Project Lead
--
You received this message because you are subscribed to the Google Groups "OpenVidu" group.
To unsubscribe from this group and stop receiving emails from it, send an email to openvidu+unsubscribe@googlegroups.com.
To post to this group, send email to open...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/openvidu/fc52bf89-ec83-4cfc-a150-c8938ccb55a3%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages