Intel® Collaboration Suite for WebRTC
Community support and discussions on the Intel® Collaboration Suite for WebRTC (Intel® CS for WebRTC).

SSL error v2.1.1

Farrukh_M_
Beginner
143 Views

Hello Experts, 

  I have done SSL config as written in configuration document, page 11-12 , section 2.3.5 "Use your own certificate" for server and did below config. My SSL is signed by a CA authority and I can check it with https://host:port:3004, no errors so far.

/*********************************************************
 NUVE CONFIGURATION
**********************************************************/
config.nuve = {};
config.nuve.dataBaseURL = 'localhost/nuvedb'; // default value: 'localhost/nuvedb'
config.nuve.superserviceID = '######'; // default value: ''
config.nuve.testErizoController = 'localhost:8443'; // default value: 'localhost:8080'
config.nuve.ssl = true; //default value: false
config.nuve.keystorePath = '/home/ubuntu/CACERT/certificate.pfx';

 

.......

// Public erizoController IP for websockets (useful when behind NATs)
// Use '' to automatically get IP from the interface
config.erizoController.publicIP = '52.X.X.X'; //default value: ''
//config.erizoController.publicIP = ''; //default value: ''
// Use '' to use the public IP address instead of a hostname
config.erizoController.hostname = ''; //default value: ''
config.erizoController.port = 8080; //default value: 8080
// Use true if clients communicate with erizoController over SSL
config.erizoController.ssl = true; //default value: false
config.erizoController.keystorePath = '/home/ubuntu/CACERT/certificate.pfx';

 

When i launch Index page, I get below error

https://website.com:3004/createToken/ 503 (Service Unavailable)

I checked basicServer.js and it has both 3001 and 3004 mentioned. As you can see both ports are listening as shown by netstat

tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:3000            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:3001            0.0.0.0:*               LISTEN
tcp        0      0 172.31.46.17:443        0.0.0.0:*               LISTEN   <-- Turn Server
tcp        0      0 0.0.0.0:3004            0.0.0.0:*               LISTEN
 

Without SSL, everything runs perfectly. I can get to "/getRooms/" or other get methods.  Am i missing something? Kindly help.

 

0 Kudos
2 Replies
Farrukh_M_
Beginner
143 Views

I was able to make it work by just making erizo as SSL but leaving Nuve as non-ssl. That is strange. Intel, Please look at the issue and let me know why it doesn't work when I set config.nuve.ssl = true??

Chunbo_H_Intel1
Employee
143 Views

Hi Farrukh,

Regarding the Nuve SSL issue you mentioned in basic server, the first thing you need to do is to update the URL in the line "N.API.init(...)" with the https address.

Another thing is: are you using a root trusted cert?

Reply