Intel® Collaboration Suite for WebRTC
Community support and discussions on the Intel® Collaboration Suite for WebRTC (Intel® CS for WebRTC).
1146 Discussions

SSL error v2.1.1

Farrukh_M_
Beginner
‎05-08-2015 05:28 PM
462 Views

Hello Experts, 

  I have done SSL config as written in configuration document, page 11-12 , section 2.3.5 "Use your own certificate" for server and did below config. My SSL is signed by a CA authority and I can check it with https://host:port:3004, no errors so far.

/*********************************************************
 NUVE CONFIGURATION
**********************************************************/
config.nuve = {};
config.nuve.dataBaseURL = 'localhost/nuvedb'; // default value: 'localhost/nuvedb'
config.nuve.superserviceID = '######'; // default value: ''
config.nuve.testErizoController = 'localhost:8443'; // default value: 'localhost:8080'
config.nuve.ssl = true; //default value: false
config.nuve.keystorePath = '/home/ubuntu/CACERT/certificate.pfx';

 

.......

// Public erizoController IP for websockets (useful when behind NATs)
// Use '' to automatically get IP from the interface
config.erizoController.publicIP = '52.X.X.X'; //default value: ''
//config.erizoController.publicIP = ''; //default value: ''
// Use '' to use the public IP address instead of a hostname
config.erizoController.hostname = ''; //default value: ''
config.erizoController.port = 8080; //default value: 8080
// Use true if clients communicate with erizoController over SSL
config.erizoController.ssl = true; //default value: false
config.erizoController.keystorePath = '/home/ubuntu/CACERT/certificate.pfx';

 

When i launch Index page, I get below error

https://website.com:3004/createToken/ 503 (Service Unavailable)

I checked basicServer.js and it has both 3001 and 3004 mentioned. As you can see both ports are listening as shown by netstat

tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:3000            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:3001            0.0.0.0:*               LISTEN
tcp        0      0 172.31.46.17:443        0.0.0.0:*               LISTEN   <-- Turn Server
tcp        0      0 0.0.0.0:3004            0.0.0.0:*               LISTEN
 

Without SSL, everything runs perfectly. I can get to "/getRooms/" or other get methods.  Am i missing something? Kindly help.

 

0 Kudos

Link Copied

2 Replies
Farrukh_M_
Beginner
‎05-12-2015 09:35 AM
462 Views

I was able to make it work by just making erizo as SSL but leaving Nuve as non-ssl. That is strange. Intel, Please look at the issue and let me know why it doesn't work when I set config.nuve.ssl = true??

0 Kudos
Copy link
Chunbo_H_Intel1
Employee
‎05-21-2015 02:13 AM
462 Views

Hi Farrukh,

Regarding the Nuve SSL issue you mentioned in basic server, the first thing you need to do is to update the URL in the line "N.API.init(...)" with the https address.

Another thing is: are you using a root trusted cert?

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.