Q: I have to open the port in docker after the ssl configuration?

FrnandMG commented 2 years ago

My docker installation:

docker run -d \
-p 1935:1935 -p 8080:8080 \
-v ome-origin-conf:/opt/ovenmediaengine/bin/origin_conf \
-v ome-edge-conf:/opt/ovenmediaengine/bin/edge_conf \
--name ovenmediaengine \
airensoft/ovenmediaengine:latest

My Server.xml

<Names>
        <Name>domain.me</Name>
        <Name>localhost</Name>
</Names>

<TLS>
        <CertPath>/path/public.crt</CertPath>
        <KeyPath>/path/private.key</KeyPath>
        <ChainCertPath>/path/fullchain.pem</ChainCertPath>
</TLS>

 <Publishers>
        <HLS>
                <Port>${env:OME_HLS_STREAM_PORT:8080}</Port>
                <WorkerCount>1</WorkerCount>
                <!-- If you want to use TLS, specify the TLS port -->
                <TLSPort>8085</TLSPort>
        </HLS>
        <DASH>
                <Port>${env:OME_DASH_STREAM_PORT:8080}</Port>
                <WorkerCount>1</WorkerCount>
                <!-- If you want to use TLS, specify the TLS port -->
                <TLSPort>8085</TLSPort>
        </DASH>

</Publishers>

I test on VLC app : "http://domain.me:8080/app/stream/playlist.m3u8" and works correctly.

but when I test SSL Url: "https://domain.me:8085/app/stream/playlist.m3u8" it doesn't work.

I am not an expert in docker but I think there is something wrong with the SSL port (8085). Because it seems to be a firewall problem. I am using a server running Ubuntu. So my question is the following: Do I have to open the port in the installation via docker or it could be another problem?

zygocact commented 2 years ago

docker run -d \
-p 1935:1935 -p 8080:8080 \
-v ome-origin-conf:/opt/ovenmediaengine/bin/origin_conf \
-v ome-edge-conf:/opt/ovenmediaengine/bin/edge_conf \
--name ovenmediaengine \
airensoft/ovenmediaengine:latest

As far as I know, the -p option in docker run forwards the linux host port into the docker container port, so in the run command, you should have added -p 8085:8085 on the second line. I am a novice at docker myself, so I do not know how to assign a new port mapping to an existing container. Maybe this will help: https://stackoverflow.com/questions/19335444/how-do-i-assign-a-port-mapping-to-an-existing-docker-container

It seems like a bit of a pain though, so usually when I make a mistake in the docker run command, I just back up the Server.xml file, delete the container, fix the run command, then replace the Server.xml file with the backup, lol.

naanlizard commented 2 years ago

What zygocact says is correct - you need to forward the port in docker.

Keep in mind that docker will punch holes in iptables directly, which you may or may not want. An alternative is to use

--network_mode: host

in your docker run command

I'd also recommend swapping to docker-compose instead of docker run commands, much cleaner and easier to work with imo.

FrnandMG commented 2 years ago

okay. Thank you very much for the help. Greetings

FrnandMG commented 2 years ago

Hello, it's me, again. I can't get it to work with TLS. I Reinstall via docker with port 9090

docker run -d \
-p 1935:1935 -p 8080:8080 -p 9090:9090 \
-v ome-origin-conf:/opt/ovenmediaengine/bin/origin_conf \
-v ome-edge-conf:/opt/ovenmediaengine/bin/edge_conf \
--name ovenmediaengine3 \
airensoft/ovenmediaengine:latest

my Server.xml

<Publishers>
          ...
    <HLS>
        <Port>8080</Port>
        <TLSPort>9090</TLSPort>
    </HLS>
    <DASH>
        <Port>8080</Port>
        <TLSPort>9090</TLSPort>
    </DASH>
</Publishers>

<Host>
        <Names>
                <Name>domain.me</Name>
                <Name>localhost</Name>
        </Names>

        <TLS>
                <CertPath>/home/certs/domain.me/public.crt</CertPath>
                <KeyPath>/home/certs/domain.me/private.key</KeyPath>
                <ChainCertPath>/home/certs/domain.me/fullchain.pem</ChainCertPath>
        </TLS>

</Host>

I am using a server on digitalocean running ubuntu. the ufw is disabled. and already opened port 9090 in the firewall.

netstat -tulnp | grep 9090
tcp        0      0 0.0.0.0:9090            0.0.0.0:*               LISTEN      10331/OvenMediaEngi

"http://domain.me:8080/app/stream/playlist.m3u8" works! but I still don't have access to --> https://domain.me:9090/app/stream/playlist.m3u8

I copied the certificates in the home directory and put that directory in the server.xml

cp /etc/letsencrypt/live/domain.me/fullchain.pem /home/certs/domain.me/public.crt
cp /etc/letsencrypt/live/domain.me/fullchain.pem /home/certs/domain.me/fullchain.pem
cp /etc/letsencrypt/live/domain.me/privakey.pem /home/certs/domain.me/private.key

it could be a problem with the certificates. I'm using letsencrypt?

any help is welcome. Thank you.

naanlizard commented 2 years ago

What do your OME logs say?

Again, docker will put holes in your firewall on its own - you don't have to worry about UFW or iptables.

getroot commented 2 years ago

@FrnandMG My guess is that your docker container will not be able to access /home/certs/domain.me on your host. The Docker container and the host can access each other only by linking the filesystem with volume or mount. See the docker manual for more details.

FrnandMG commented 2 years ago

@naanlizard There are no errors in the docker logs on port 9090. thanks for the help!

naanlizard commented 2 years ago

I strongly suspect something is misconfigured - probably the cert files aren't where OME is expecting them, given the volume mounts you have listed, like getroot said

FrnandMG commented 2 years ago

@getroot That was the problem. I am not yet familiar with docker. Silly mistake of mine.

Now it works correctly. Thanks for the help!!!

FrnandMG commented 2 years ago

@naanlizard Now it works correctly. Thanks for the help!!!

djkunedo commented 2 years ago

Hello everyone. A similar issue over here (docker noob). I'm using the volumes:

-v ome-origin-conf:/opt/ovenmediaengine/bin/origin_conf \
-v ome-edge-conf:/opt/ovenmediaengine/bin/edge_conf \

In the server.xml I have:

        <Host>
            <Names>
                <!-- <Name>*</Name> -->
        <Name>*.localhost</Name>
            </Names>
            <TLS>
                <CertPath>localhost.crt</CertPath>
                <KeyPath>localhost.key</KeyPath>
                <!-- <ChainCertPath>path/to/file.crt</ChainCertPath> -->
            </TLS>
        </Host>

The certificate is issued by the iss express with visual studio. I got the .crt and .key with openssl after exporting the localthost pfx from the windows certmgr. The localhost.crt and localhost.key files are in the same folder that the Server.xml file (...\docker-desktop-data\version-pack-data\community\docker\volumes\ome-origin-conf_data) and I can see them with the docker cli in: ovenmediaengine/origin_conf.

This is the docker log:

[2022-04-25 16:04:16.630] I [OvenMediaEngine:1] Config | config_manager.cpp:115  | Trying to load configurations... (origin_conf/Server.xml)

[2022-04-25 16:04:16.634] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:28   | OvenMediaEngine v0.12.11 is started on [740480337f60] (Linux x86_64 - 5.10.102.1-microsoft-standard-WSL2, #1 SMP Wed Mar 2 00:30:59 UTC 2022)

[2022-04-25 16:04:16.634] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:30   | With modules:

[2022-04-25 16:04:16.634] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:31   |   FFmpeg 4.3.2

[2022-04-25 16:04:16.634] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:32   |     Configuration: --prefix=/opt/ovenmediaengine --enable-gpl --enable-nonfree --extra-cflags=-I/opt/ovenmediaengine/include --extra-ldflags='-L/opt/ovenmediaengine/lib -Wl,-rpath,/opt/ovenmediaengine/lib' --extra-libs=-ldl --enable-shared --disable-static --disable-debug --disable-doc --disable-programs --disable-avdevice --disable-dct --disable-dwt --disable-lsp --disable-lzo --disable-rdft --disable-faan --disable-pixelutils --enable-zlib --enable-libopus --enable-libvpx --enable-libfdk_aac --enable-libx264 --enable-libx265 --disable-everything --enable-encoder='libvpx_vp8,libvpx_vp9,libopus,libfdk_aac,libx264,libx265,mjpeg,png' --enable-decoder='aac,aac_latm,aac_fixed,h264,hevc,opus,vp8' --enable-parser='aac,aac_latm,aac_fixed,h264,hevc,opus,vp8' --enable-network --enable-protocol=tcp --enable-protocol=udp --enable-protocol='rtp,file,rtmp' --enable-demuxer=rtsp --enable-muxer='mp4,webm,mpegts,flv,mpjpeg' --enable-filter='asetnsamples,aresample,aformat,channelmap,channelsplit,scale,transpose,fps,settb,asettb,format'

[2022-04-25 16:04:16.634] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:33   |     libavformat: 58.45.100

[2022-04-25 16:04:16.634] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:34   |     libavcodec: 58.91.100

[2022-04-25 16:04:16.634] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:35   |     libavutil: 56.51.100

[2022-04-25 16:04:16.634] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:36   |     libavfilter: 7.85.100

[2022-04-25 16:04:16.634] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:37   |     libswresample: 3.7.100

[2022-04-25 16:04:16.634] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:38   |     libswscale: 5.7.100

[2022-04-25 16:04:16.634] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:39   |   SRT: 1.4.2

[2022-04-25 16:04:16.634] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:40   |   SRTP: libsrtp2 2.4.0

[2022-04-25 16:04:16.634] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:41   |   OpenSSL: OpenSSL 3.0.0-beta1 17 Jun 2021

[2022-04-25 16:04:16.634] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:42   |     Configuration: compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -O3 -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_BUILDING_OPENSSL -DNDEBUG

[2022-04-25 16:04:16.634] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:43   |   JsonCpp: 1.9.3

[2022-04-25 16:04:16.634] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:44   |   jemalloc: 5.2.1-0-gea6b3e973b477b8061e0076bb257dbd7f3faa756

[2022-04-25 16:04:16.634] I [OvenMediaEngine:1] Monitor | monitoring.cpp:72   | OvenMediaEngine(1c04f6d3-b9b5-496f-8223-9b9c8d417831) ServerMetric has been started for monitoring - 2022-04-25T16:04:16.634+0000

[2022-04-25 16:04:16.634] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:72   | Server ID : 1c04f6d3-b9b5-496f-8223-9b9c8d417831

[2022-04-25 16:04:16.681] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:81   | Resolved public IP address (185.160.153.205) from stun server (stun.l.google.com:19302)

[2022-04-25 16:04:16.682] I [OvenMediaEngine:1] APIServer | api_server.cpp:123  | API Server is listening on *:8081/TCP...

[2022-04-25 16:04:16.687] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:139  | Trying to create a MediaRouter module

[2022-04-25 16:04:16.687] I [OvenMediaEngine:1] MediaRouter | mediarouter.cpp:40   | Mediarouter has been started.

[2022-04-25 16:04:16.687] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:142  | Trying to create a WebRTC Publisher module

[2022-04-25 16:04:16.688] I [OvenMediaEngine:1] Signalling.P2P | rtc_p2p_manager.cpp:27   | P2P is disabled in the configuration

[2022-04-25 16:04:16.689] I [OvenMediaEngine:1] ICE | ice_port.cpp:86   | ICE port is bound to 0.0.0.0:10006/UDP (0x55b717fe4250)

[2022-04-25 16:04:16.689] I [OvenMediaEngine:1] ICE | ice_port.cpp:128  | ICE port is bound to 0.0.0.0:3478/TCP (0x55b717fe8880)

[2022-04-25 16:04:16.689] I [OvenMediaEngine:1] ICE | ice_port_manager.cpp:94   | RelayServer is created successfully: host:3478?transport=tcp

[2022-04-25 16:04:16.689] I [OvenMediaEngine:1] WebRTC Publisher | webrtc_publisher.cpp:121  | WebRTC Publisher is listening on *:3333, TLS: *:3334...

[2022-04-25 16:04:16.689] I [OvenMediaEngine:1] Publisher | publisher.cpp:18   | WebRTC Publisher has been started.

[2022-04-25 16:04:16.689] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:143  | Trying to create a HLS Publisher module

[2022-04-25 16:04:16.690] I [OvenMediaEngine:1] HTTPPublisher | segment_publisher.cpp:53   | HLS Publisher is listening on *:8080...

[2022-04-25 16:04:16.690] I [OvenMediaEngine:1] Publisher | publisher.cpp:18   | HLS Publisher has been started.

[2022-04-25 16:04:16.690] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:144  | Trying to create a MPEG-DASH Publisher module

[2022-04-25 16:04:16.690] I [OvenMediaEngine:1] HTTPPublisher | segment_publisher.cpp:53   | DASH Publisher is listening on *:8080...

[2022-04-25 16:04:16.690] I [OvenMediaEngine:1] Publisher | publisher.cpp:18   | DASH Publisher has been started.

[2022-04-25 16:04:16.691] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:145  | Trying to create a Low-Latency MPEG-DASH Publisher module

[2022-04-25 16:04:16.691] I [OvenMediaEngine:1] HTTPPublisher | segment_publisher.cpp:53   | LLDASH Publisher is listening on *:8080...

[2022-04-25 16:04:16.691] I [OvenMediaEngine:1] Publisher | publisher.cpp:18   | LLDASH Publisher has been started.

[2022-04-25 16:04:16.691] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:146  | Trying to create a OVT Publisher module

[2022-04-25 16:04:16.691] I [OvenMediaEngine:1] OVT | ovt_publisher.cpp:58   | OVTPublisher is listening on *:9000/TCP

[2022-04-25 16:04:16.691] I [OvenMediaEngine:1] Publisher | publisher.cpp:18   | OVTPublisher has been started.

[2022-04-25 16:04:16.692] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:147  | Trying to create a File Publisher module

[2022-04-25 16:04:16.692] I [OvenMediaEngine:1] Publisher | publisher.cpp:18   | FilePublisher has been started.

[2022-04-25 16:04:16.692] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:148  | Trying to create a RtmpPush Publisher module

[2022-04-25 16:04:16.692] I [OvenMediaEngine:1] Publisher | publisher.cpp:18   | RTMPPushPublisher has been started.

[2022-04-25 16:04:16.692] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:149  | Trying to create a Thumbnail Publisher module

[2022-04-25 16:04:16.692] I [OvenMediaEngine:1] Thumbnail | thumbnail_publisher.cpp:45   | ThumbnailPublisher is disabled by configuration

[2022-04-25 16:04:16.693] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:152  | Trying to create a Transcoder module

[2022-04-25 16:04:16.693] I [OvenMediaEngine:1] Transcoder | transcoder_gpu.cpp:63   | There is no supported hardware accelerator

[2022-04-25 16:04:16.693] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:155  | Trying to create a WebRTC Provider module

[2022-04-25 16:04:16.693] I [OvenMediaEngine:1] Signalling.P2P | rtc_p2p_manager.cpp:27   | P2P is disabled in the configuration

[2022-04-25 16:04:16.693] I [OvenMediaEngine:1] ICE | ice_port.cpp:86   | ICE port is bound to 0.0.0.0:10006/UDP (0x55b717fe4250)

[2022-04-25 16:04:16.693] I [OvenMediaEngine:1] ICE | ice_port.cpp:128  | ICE port is bound to 0.0.0.0:3478/TCP (0x55b717fe8880)

[2022-04-25 16:04:16.693] I [OvenMediaEngine:1] ICE | ice_port_manager.cpp:94   | RelayServer is created successfully: host:3478?transport=tcp

[2022-04-25 16:04:16.697] I [OvenMediaEngine:1] WebRTC Provider | webrtc_provider.cpp:134  | WebRTCProvider is listening on *:3333, TLS: *:3334...

[2022-04-25 16:04:16.697] I [OvenMediaEngine:1] Provider | provider.cpp:37   | WebRTCProvider has been started.

[2022-04-25 16:04:16.697] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:156  | Trying to create a MPEG-TS Provider module

[2022-04-25 16:04:16.698] I [OvenMediaEngine:1] MpegtsProvider | mpegts_provider.cpp:140  | MPEGTSProvider is listening on *:4000/UDP

[2022-04-25 16:04:16.699] I [OvenMediaEngine:1] Provider | provider.cpp:37   | MPEGTSProvider has been started.

[2022-04-25 16:04:16.699] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:157  | Trying to create a SRT Provider module

[2022-04-25 16:04:16.701] I [OvenMediaEngine:1] SrtProvider | srt_provider.cpp:66   | SrtProvider is listening on *:9999/SRT

[2022-04-25 16:04:16.701] I [OvenMediaEngine:1] Provider | provider.cpp:37   | SrtProvider has been started.

[2022-04-25 16:04:16.701] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:158  | Trying to create a RTMP Provider module

[2022-04-25 16:04:16.702] I [OvenMediaEngine:1] RTMPProvider | rtmp_provider.cpp:101  | RTMPProvider is listening on *:1935/TCP

[2022-04-25 15:42:28.481] E [SPRtcSig-T3334:14] HttpServer | http_server.cpp:176  | Could not find client <ClientSocket: 0x7fade0001130, #25, Disconnected, TCP, Nonblocking, 172.17.0.1:50160> from list

[2022-04-25 15:42:31.760] E [SPRtcSig-T3334:14] HttpServer | https_server.cpp:83   | Could not handle connection event: there is no certificate

[2022-04-25 16:01:14.537] E [OvenMediaEngine:1] HttpServer | http_server_manager.cpp:89   | Could not set certificate: [OpenSSL] Certificate is nullptr

[2022-04-25 16:01:14.545] E [OvenMediaEngine:1] HttpServer | http_server_manager.cpp:89   | Could not set certificate: [OpenSSL] Certificate is nullptr

[2022-04-25 16:01:16.197] E [SPRtcSig-T3334:14] HttpServer | https_server.cpp:83   | Could not handle connection event: there is no certificate

[2022-04-25 16:01:46.198] E [SPRtcSig-T3334:14] HttpServer | http_server.cpp:176  | Could not find client <ClientSocket: 0x7f68b4001130, #25, Disconnected, TCP, Nonblocking, 172.17.0.1:50166> from list

[2022-04-25 16:01:48.370] E [SPRtcSig-T3334:14] HttpServer | https_server.cpp:83   | Could not handle connection event: there is no certificate

[2022-04-25 16:02:18.382] E [SPRtcSig-T3334:14] HttpServer | http_server.cpp:176  | Could not find client <ClientSocket: 0x7f68b4001130, #25, Disconnected, TCP, Nonblocking, 172.17.0.1:50168> from list

[2022-04-25 16:02:21.367] E [SPRtcSig-T3334:14] HttpServer | https_server.cpp:83   | Could not handle connection event: there is no certificate

[2022-04-25 16:02:51.375] E [SPRtcSig-T3334:14] HttpServer | http_server.cpp:176  | Could not find client <ClientSocket: 0x7f68b4001130, #25, Disconnected, TCP, Nonblocking, 172.17.0.1:50170> from list

[2022-04-25 16:02:54.358] E [SPRtcSig-T3334:14] HttpServer | https_server.cpp:83   | Could not handle connection event: there is no certificate

[2022-04-25 16:03:24.367] E [SPRtcSig-T3334:14] HttpServer | http_server.cpp:176  | Could not find client <ClientSocket: 0x7f68b4001130, #25, Disconnected, TCP, Nonblocking, 172.17.0.1:50172> from list

[2022-04-25 16:03:27.361] E [SPRtcSig-T3334:14] HttpServer | https_server.cpp:83   | Could not handle connection event: there is no certificate

[2022-04-25 16:03:57.371] E [SPRtcSig-T3334:14] HttpServer | http_server.cpp:176  | Could not find client <ClientSocket: 0x7f68b4001130, #25, Disconnected, TCP, Nonblocking, 172.17.0.1:50174> from list

[2022-04-25 16:04:00.363] E [SPRtcSig-T3334:14] HttpServer | https_server.cpp:83   | Could not handle connection event: there is no certificate

[2022-04-25 16:04:16.688] E [OvenMediaEngine:1] HttpServer | http_server_manager.cpp:89   | Could not set certificate: [OpenSSL] Certificate is nullptr

[2022-04-25 16:04:16.693] E [OvenMediaEngine:1] HttpServer | http_server_manager.cpp:89   | Could not set certificate: [OpenSSL] Certificate is nullptr

[2022-04-25 16:04:18.382] E [SPRtcSig-T3334:13] HttpServer | https_server.cpp:83   | Could not handle connection event: there is no certificate

[2022-04-25 16:04:16.702] I [OvenMediaEngine:1] Provider | provider.cpp:37   | RTMPProvider has been started.

[2022-04-25 16:04:16.702] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:159  | Trying to create a OVT Provider module

[2022-04-25 16:04:16.702] I [OvenMediaEngine:1] Provider | provider.cpp:37   | OVTProvider has been started.

[2022-04-25 16:04:16.702] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:160  | Trying to create a RTSPC Provider module

[2022-04-25 16:04:16.702] I [OvenMediaEngine:1] Provider | provider.cpp:37   | RTSPCProvider has been started.

[2022-04-25 16:04:16.703] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:163  | All modules are initialized successfully

[2022-04-25 16:04:16.703] I [OvenMediaEngine:1] Monitor | server_metrics.cpp:55   | Create HostMetrics(default/1c04f6d3-b9b5-496f-8223-9b9c8d417831/default) for monitoring

[2022-04-25 16:04:16.703] I [OvenMediaEngine:1] Orchestrator | orchestrator_internal.cpp:607  | Trying to create an application: [#default#app]

[2022-04-25 16:04:16.703] I [OvenMediaEngine:1] Monitor | host_metrics.cpp:52   | Create ApplicationMetrics(#default#app/1c04f6d3-b9b5-496f-8223-9b9c8d417831/default/#default#app) for monitoring

[2022-04-25 16:04:16.703] I [OvenMediaEngine:1] MediaRouter | mediarouter_application.cpp:44   | Created Mediarouter application. application id(0), app(#default#app), worker(1)

[2022-04-25 16:04:16.703] I [OvenMediaEngine:1] MediaRouter | mediarouter_application.cpp:99   | Started Mediarouter application. application id(0), app(#default#app)

[2022-04-25 16:04:16.703] I [OvenMediaEngine:1] MediaRouter | mediarouter.cpp:71   | Created Mediarouter. app(#default#app)

[2022-04-25 16:04:16.704] I [OvenMediaEngine:1] Publisher | application.cpp:33   | WebRTC ApplicationWorker has been created

[2022-04-25 16:04:16.704] I [OvenMediaEngine:1] Publisher | application.cpp:199  | WebRTC Publisher Application has created [#default#app] application

[2022-04-25 16:04:16.705] I [OvenMediaEngine:1] Publisher | application.cpp:33   | HLS ApplicationWorker has been created

[2022-04-25 16:04:16.705] I [OvenMediaEngine:1] Publisher | application.cpp:199  | HLS Publisher Application has created [#default#app] application

[2022-04-25 16:04:16.705] I [OvenMediaEngine:1] Publisher | application.cpp:33   | DASH ApplicationWorker has been created

[2022-04-25 16:04:16.705] I [OvenMediaEngine:1] Publisher | application.cpp:199  | DASH Publisher Application has created [#default#app] application

[2022-04-25 16:04:16.705] I [OvenMediaEngine:1] Publisher | application.cpp:33   | LLDASH ApplicationWorker has been created

[2022-04-25 16:04:16.705] I [OvenMediaEngine:1] Publisher | application.cpp:199  | LLDASH Publisher Application has created [#default#app] application

[2022-04-25 16:04:16.705] I [OvenMediaEngine:1] Publisher | application.cpp:33   | OVT ApplicationWorker has been created

[2022-04-25 16:04:16.705] I [OvenMediaEngine:1] Publisher | application.cpp:199  | OVTPublisher Application has created [#default#app] application

[2022-04-25 16:04:16.705] I [OvenMediaEngine:1] Publisher | publisher.cpp:69   | File publisher is disabled in #default#app application, so it was not created

[2022-04-25 16:04:16.705] I [OvenMediaEngine:1] Publisher | publisher.cpp:69   | RTMPPush publisher is disabled in #default#app application, so it was not created

[2022-04-25 16:04:16.705] I [OvenMediaEngine:1] Publisher | publisher.cpp:69   | Thumbnail publisher is disabled in #default#app application, so it was not created

[2022-04-25 16:04:16.705] I [OvenMediaEngine:1] Transcoder | transcoder_application.cpp:32   | Created transcoder application. app(#default#app)

[2022-04-25 16:04:16.705] I [OvenMediaEngine:1] Transcoder | transcoder.cpp:83   | Transcoder has created [config][#default#app] application

[2022-04-25 16:04:16.705] I [OvenMediaEngine:1] Provider | application.cpp:46   | WebRTCProvider has created [#default#app] application

[2022-04-25 16:04:16.706] I [OvenMediaEngine:1] Monitor | application_metrics.cpp:106  | MPEG-TS has reserved stream_4000 stream linked to UDP://0.0.0.0:4000

[2022-04-25 16:04:16.706] I [OvenMediaEngine:1] Provider | application.cpp:46   | MPEGTSProvider has created [#default#app] application

[2022-04-25 16:04:16.706] I [OvenMediaEngine:1] Provider | application.cpp:46   | SrtProvider has created [#default#app] application

[2022-04-25 16:04:16.706] I [OvenMediaEngine:1] Provider | application.cpp:46   | RTMPProvider has created [#default#app] application

[2022-04-25 16:04:16.706] I [OvenMediaEngine:1] Provider | application.cpp:46   | OVTProvider has created [#default#app] application

[2022-04-25 16:04:16.706] I [OvenMediaEngine:1] Provider | application.cpp:46   | RTSPCProvider has created [#default#app] application

So the error seems to be here:

[2022-04-25 15:42:31.760] E [SPRtcSig-T3334:14] HttpServer | https_server.cpp:83   | Could not handle connection event: there is no certificate

[2022-04-25 16:01:14.537] E [OvenMediaEngine:1] HttpServer | http_server_manager.cpp:89   | Could not set certificate: [OpenSSL] Certificate is nullptr

[2022-04-25 16:01:14.545] E [OvenMediaEngine:1] HttpServer | http_server_manager.cpp:89   | Could not set certificate: [OpenSSL] Certificate is nullptr

Am I not using the right values in the CertPath and KeyPath? Could it be any problem with the localhost certificate I'm using?

By the way, I also have the port 3334 opened since I'm trying to use WebRTC with the wss protocol and the Server.xml section like this:

            <WebRTC>
                <Signalling>
                    <Port>${env:OME_SIGNALLING_PORT:3333}</Port>
                    <WorkerCount>1</WorkerCount>
                    <!-- If you want to use TLS, specify the TLS port -->
                    <TLSPort>3334</TLSPort>
                </Signalling>
                <IceCandidates>
                    <TcpRelay>${env:OME_TCP_RELAY_ADDRESS:*:3478}</TcpRelay>
                    <TcpForce>true</TcpForce>
                    <TcpRelayWorkerCount>1</TcpRelayWorkerCount>
                    <IceCandidate>${env:OME_ICE_CANDIDATES:*:10006/udp}</IceCandidate>
                </IceCandidates>
            </WebRTC>

Thanks guys for your help.

naanlizard commented 2 years ago

I would suspect your ssl cert is funky somehow, but I'm not a dev so that's just an educated guess.

Can you try getting a letsencrypt certificate and use that? I know for a fact they work very easily with OME

You might also try explicitly defining the path to the cert, rather than just the filename - it's possible OME doesn't do relative paths. IIRC our configs all explicitly use the full file path

djkunedo commented 2 years ago

I would suspect your ssl cert is funky somehow, but I'm not a dev so that's just an educated guess.

Can you try getting a letsencrypt certificate and use that? I know for a fact they work very easily with OME

You might also try explicitly defining the path to the cert, rather than just the filename - it's possible OME doesn't do relative paths. IIRC our configs all explicitly use the full file path

Thanks naanlizard. Sure, I could give it a try with a letsencrypt certificate.

About defining the path, I'm not really sure which one I should use, that's why I'm sharing all my config. Should it be "/opt/ovenmediaengine/bin/origin_conf/localhost.cert"?

naanlizard commented 2 years ago

The path you put in the config should match the location that the file is within the docker instance.

So if when you go into the docker the file is at /opt/ovenmediaengine/bin/origin_conf/localhost.cert then yes.

You can execute a shell in the docker instance like this https://phase2.github.io/devtools/common-tasks/ssh-into-a-container/

djkunedo commented 2 years ago

The path you put in the config should match the location that the file is within the docker instance.

So if when you go into the docker the file is at /opt/ovenmediaengine/bin/origin_conf/localhost.cert then yes.

You can execute a shell in the docker instance like this https://phase2.github.io/devtools/common-tasks/ssh-into-a-container/

~~With the full path at least the [2022-04-25 16:01:14.537] E [OvenMediaEngine:1] HttpServer | http_server_manager.cpp:89 | Could not set certificate: [OpenSSL] Certificate is nullptr is gone.~~ I should give it a try to using another certificate generated with letsencrypt anyway. I'm sharing what I can see in the shell so the path keeps clear: And the updated Server.xml section:

        <Host>
            <Names>
                <!-- <Name>*</Name> -->
                <Name>*.localhost</Name>
            </Names>
            <TLS>
                <CertPath>/opt/ovenmediaengine/bin/origin_conf/localhost.crt</CertPath>
                <KeyPath>/opt/ovenmediaengine/bin/origin_conf/localhost.key</KeyPath>
                <!-- <ChainCertPath>path/to/file.crt</ChainCertPath> -->
            </TLS>
        </Host>

Here is the last log:

[2022-04-25 16:48:04.324] I [OvenMediaEngine:1] Config | config_manager.cpp:330  | Trying to set logfile in directory... (/var/log/ovenmediaengine)

[2022-04-25 16:48:04.324] I [OvenMediaEngine:1] Config | config_manager.cpp:115  | Trying to load configurations... (origin_conf/Server.xml)

[2022-04-25 16:48:04.329] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:28   | OvenMediaEngine v0.12.11 is started on [740480337f60] (Linux x86_64 - 5.10.102.1-microsoft-standard-WSL2, #1 SMP Wed Mar 2 00:30:59 UTC 2022)

[2022-04-25 16:48:04.329] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:30   | With modules:

[2022-04-25 16:48:04.329] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:31   |   FFmpeg 4.3.2

[2022-04-25 16:48:04.329] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:32   |     Configuration: --prefix=/opt/ovenmediaengine --enable-gpl --enable-nonfree --extra-cflags=-I/opt/ovenmediaengine/include --extra-ldflags='-L/opt/ovenmediaengine/lib -Wl,-rpath,/opt/ovenmediaengine/lib' --extra-libs=-ldl --enable-shared --disable-static --disable-debug --disable-doc --disable-programs --disable-avdevice --disable-dct --disable-dwt --disable-lsp --disable-lzo --disable-rdft --disable-faan --disable-pixelutils --enable-zlib --enable-libopus --enable-libvpx --enable-libfdk_aac --enable-libx264 --enable-libx265 --disable-everything --enable-encoder='libvpx_vp8,libvpx_vp9,libopus,libfdk_aac,libx264,libx265,mjpeg,png' --enable-decoder='aac,aac_latm,aac_fixed,h264,hevc,opus,vp8' --enable-parser='aac,aac_latm,aac_fixed,h264,hevc,opus,vp8' --enable-network --enable-protocol=tcp --enable-protocol=udp --enable-protocol='rtp,file,rtmp' --enable-demuxer=rtsp --enable-muxer='mp4,webm,mpegts,flv,mpjpeg' --enable-filter='asetnsamples,aresample,aformat,channelmap,channelsplit,scale,transpose,fps,settb,asettb,format'

[2022-04-25 16:48:04.329] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:33   |     libavformat: 58.45.100

[2022-04-25 16:48:04.329] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:34   |     libavcodec: 58.91.100

[2022-04-25 16:48:04.329] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:35   |     libavutil: 56.51.100

[2022-04-25 16:48:04.329] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:36   |     libavfilter: 7.85.100

[2022-04-25 16:48:04.329] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:37   |     libswresample: 3.7.100

[2022-04-25 16:48:04.329] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:38   |     libswscale: 5.7.100

[2022-04-25 16:48:04.329] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:39   |   SRT: 1.4.2

[2022-04-25 16:48:04.329] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:40   |   SRTP: libsrtp2 2.4.0

[2022-04-25 16:48:04.329] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:41   |   OpenSSL: OpenSSL 3.0.0-beta1 17 Jun 2021

[2022-04-25 16:48:04.329] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:42   |     Configuration: compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -O3 -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_BUILDING_OPENSSL -DNDEBUG

[2022-04-25 16:48:04.329] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:43   |   JsonCpp: 1.9.3

[2022-04-25 16:48:04.329] I [OvenMediaEngine:1] OvenMediaEngine | banner.cpp:44   |   jemalloc: 5.2.1-0-gea6b3e973b477b8061e0076bb257dbd7f3faa756

[2022-04-25 16:48:04.329] I [OvenMediaEngine:1] Monitor | monitoring.cpp:72   | OvenMediaEngine(1c04f6d3-b9b5-496f-8223-9b9c8d417831) ServerMetric has been started for monitoring - 2022-04-25T16:48:04.329+0000

[2022-04-25 16:48:04.329] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:72   | Server ID : 1c04f6d3-b9b5-496f-8223-9b9c8d417831

[2022-04-25 16:48:04.378] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:81   | Resolved public IP address (185.160.153.205) from stun server (stun.l.google.com:19302)

[2022-04-25 16:48:04.379] I [OvenMediaEngine:1] APIServer | api_server.cpp:123  | API Server is listening on *:8081/TCP...

[2022-04-25 16:48:04.384] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:139  | Trying to create a MediaRouter module

[2022-04-25 16:48:04.384] I [OvenMediaEngine:1] MediaRouter | mediarouter.cpp:40   | Mediarouter has been started.

[2022-04-25 16:48:04.384] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:142  | Trying to create a WebRTC Publisher module

[2022-04-25 16:48:04.384] I [OvenMediaEngine:1] Signalling.P2P | rtc_p2p_manager.cpp:27   | P2P is disabled in the configuration

[2022-04-25 16:48:04.385] I [OvenMediaEngine:1] ICE | ice_port.cpp:86   | ICE port is bound to 0.0.0.0:10006/UDP (0x561c07234390)

[2022-04-25 16:48:04.385] I [OvenMediaEngine:1] ICE | ice_port.cpp:128  | ICE port is bound to 0.0.0.0:3478/TCP (0x561c072389c0)

[2022-04-25 16:48:04.385] I [OvenMediaEngine:1] ICE | ice_port_manager.cpp:94   | RelayServer is created successfully: host:3478?transport=tcp

[2022-04-25 16:48:04.386] I [OvenMediaEngine:1] WebRTC Publisher | webrtc_publisher.cpp:121  | WebRTC Publisher is listening on *:3333, TLS: *:3334...

[2022-04-25 16:48:04.386] I [OvenMediaEngine:1] Publisher | publisher.cpp:18   | WebRTC Publisher has been started.

[2022-04-25 16:48:04.386] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:143  | Trying to create a HLS Publisher module

[2022-04-25 16:48:04.386] I [OvenMediaEngine:1] HTTPPublisher | segment_publisher.cpp:53   | HLS Publisher is listening on *:8080...

[2022-04-25 16:48:04.386] I [OvenMediaEngine:1] Publisher | publisher.cpp:18   | HLS Publisher has been started.

[2022-04-25 16:48:04.386] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:144  | Trying to create a MPEG-DASH Publisher module

[2022-04-25 16:48:04.387] I [OvenMediaEngine:1] HTTPPublisher | segment_publisher.cpp:53   | DASH Publisher is listening on *:8080...

[2022-04-25 16:48:04.387] I [OvenMediaEngine:1] Publisher | publisher.cpp:18   | DASH Publisher has been started.

[2022-04-25 16:48:04.387] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:145  | Trying to create a Low-Latency MPEG-DASH Publisher module

[2022-04-25 16:48:04.387] I [OvenMediaEngine:1] HTTPPublisher | segment_publisher.cpp:53   | LLDASH Publisher is listening on *:8080...

[2022-04-25 16:48:04.387] I [OvenMediaEngine:1] Publisher | publisher.cpp:18   | LLDASH Publisher has been started.

[2022-04-25 16:48:04.388] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:146  | Trying to create a OVT Publisher module

[2022-04-25 16:48:04.388] I [OvenMediaEngine:1] OVT | ovt_publisher.cpp:58   | OVTPublisher is listening on *:9000/TCP

[2022-04-25 16:48:04.388] I [OvenMediaEngine:1] Publisher | publisher.cpp:18   | OVTPublisher has been started.

[2022-04-25 16:48:04.388] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:147  | Trying to create a File Publisher module

[2022-04-25 16:48:04.388] I [OvenMediaEngine:1] Publisher | publisher.cpp:18   | FilePublisher has been started.

[2022-04-25 16:48:04.388] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:148  | Trying to create a RtmpPush Publisher module

[2022-04-25 16:48:04.389] I [OvenMediaEngine:1] Publisher | publisher.cpp:18   | RTMPPushPublisher has been started.

[2022-04-25 16:48:04.389] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:149  | Trying to create a Thumbnail Publisher module

[2022-04-25 16:48:04.389] I [OvenMediaEngine:1] Thumbnail | thumbnail_publisher.cpp:45   | ThumbnailPublisher is disabled by configuration

[2022-04-25 16:48:04.389] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:152  | Trying to create a Transcoder module

[2022-04-25 16:48:04.389] I [OvenMediaEngine:1] Transcoder | transcoder_gpu.cpp:63   | There is no supported hardware accelerator

[2022-04-25 16:48:04.389] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:155  | Trying to create a WebRTC Provider module

[2022-04-25 16:48:04.389] I [OvenMediaEngine:1] Signalling.P2P | rtc_p2p_manager.cpp:27   | P2P is disabled in the configuration

[2022-04-25 16:48:04.389] I [OvenMediaEngine:1] ICE | ice_port.cpp:86   | ICE port is bound to 0.0.0.0:10006/UDP (0x561c07234390)

[2022-04-25 16:48:04.389] I [OvenMediaEngine:1] ICE | ice_port.cpp:128  | ICE port is bound to 0.0.0.0:3478/TCP (0x561c072389c0)

[2022-04-25 16:48:04.389] I [OvenMediaEngine:1] ICE | ice_port_manager.cpp:94   | RelayServer is created successfully: host:3478?transport=tcp

[2022-04-25 16:48:04.391] I [OvenMediaEngine:1] WebRTC Provider | webrtc_provider.cpp:134  | WebRTCProvider is listening on *:3333, TLS: *:3334...

[2022-04-25 16:48:04.391] I [OvenMediaEngine:1] Provider | provider.cpp:37   | WebRTCProvider has been started.

[2022-04-25 16:48:04.391] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:156  | Trying to create a MPEG-TS Provider module

[2022-04-25 16:48:04.392] I [OvenMediaEngine:1] MpegtsProvider | mpegts_provider.cpp:140  | MPEGTSProvider is listening on *:4000/UDP

[2022-04-25 16:48:04.393] I [OvenMediaEngine:1] Provider | provider.cpp:37   | MPEGTSProvider has been started.

[2022-04-25 16:48:04.393] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:157  | Trying to create a SRT Provider module

[2022-04-25 16:48:04.395] I [OvenMediaEngine:1] SrtProvider | srt_provider.cpp:66   | SrtProvider is listening on *:9999/SRT

[2022-04-25 16:48:04.395] I [OvenMediaEngine:1] Provider | provider.cpp:37   | SrtProvider has been started.

[2022-04-25 16:48:04.395] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:158  | Trying to create a RTMP Provider module

[2022-04-25 16:48:04.396] I [OvenMediaEngine:1] RTMPProvider | rtmp_provider.cpp:101  | RTMPProvider is listening on *:1935/TCP

[2022-04-25 16:48:04.396] I [OvenMediaEngine:1] Provider | provider.cpp:37   | RTMPProvider has been started.

[2022-04-25 16:48:04.396] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:159  | Trying to create a OVT Provider module

[2022-04-25 16:48:04.396] I [OvenMediaEngine:1] Provider | provider.cpp:37   | OVTProvider has been started.

[2022-04-25 16:48:04.396] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:160  | Trying to create a RTSPC Provider module

[2022-04-25 16:48:04.397] I [OvenMediaEngine:1] Provider | provider.cpp:37   | RTSPCProvider has been started.

[2022-04-25 16:48:04.397] I [OvenMediaEngine:1] OvenMediaEngine | main.cpp:163  | All modules are initialized successfully

[2022-04-25 16:48:04.397] I [OvenMediaEngine:1] Monitor | server_metrics.cpp:55   | Create HostMetrics(default/1c04f6d3-b9b5-496f-8223-9b9c8d417831/default) for monitoring

[2022-04-25 16:48:04.397] I [OvenMediaEngine:1] Orchestrator | orchestrator_internal.cpp:607  | Trying to create an application: [#default#app]

[2022-04-25 16:48:04.397] I [OvenMediaEngine:1] Monitor | host_metrics.cpp:52   | Create ApplicationMetrics(#default#app/1c04f6d3-b9b5-496f-8223-9b9c8d417831/default/#default#app) for monitoring

[2022-04-25 16:48:04.397] I [OvenMediaEngine:1] MediaRouter | mediarouter_application.cpp:44   | Created Mediarouter application. application id(0), app(#default#app), worker(1)

[2022-04-25 16:48:04.397] I [OvenMediaEngine:1] MediaRouter | mediarouter_application.cpp:99   | Started Mediarouter application. application id(0), app(#default#app)

[2022-04-25 16:48:04.397] I [OvenMediaEngine:1] MediaRouter | mediarouter.cpp:71   | Created Mediarouter. app(#default#app)

[2022-04-25 16:48:04.400] I [OvenMediaEngine:1] Publisher | application.cpp:33   | WebRTC ApplicationWorker has been created

[2022-04-25 16:48:04.400] I [OvenMediaEngine:1] Publisher | application.cpp:199  | WebRTC Publisher Application has created [#default#app] application

[2022-04-25 16:48:04.400] I [OvenMediaEngine:1] Publisher | application.cpp:33   | HLS ApplicationWorker has been created

[2022-04-25 16:48:04.401] I [OvenMediaEngine:1] Publisher | application.cpp:199  | HLS Publisher Application has created [#default#app] application

[2022-04-25 16:48:04.401] I [OvenMediaEngine:1] Publisher | application.cpp:33   | DASH ApplicationWorker has been created

[2022-04-25 16:48:04.401] I [OvenMediaEngine:1] Publisher | application.cpp:199  | DASH Publisher Application has created [#default#app] application

[2022-04-25 16:48:04.401] I [OvenMediaEngine:1] Publisher | application.cpp:33   | LLDASH ApplicationWorker has been created

[2022-04-25 16:48:04.401] I [OvenMediaEngine:1] Publisher | application.cpp:199  | LLDASH Publisher Application has created [#default#app] application

[2022-04-25 16:48:04.402] I [OvenMediaEngine:1] Publisher | application.cpp:33   | OVT ApplicationWorker has been created

[2022-04-25 16:48:04.402] I [OvenMediaEngine:1] Publisher | application.cpp:199  | OVTPublisher Application has created [#default#app] application

[2022-04-25 16:48:04.402] I [OvenMediaEngine:1] Publisher | publisher.cpp:69   | File publisher is disabled in #default#app application, so it was not created

[2022-04-25 16:48:04.402] I [OvenMediaEngine:1] Publisher | publisher.cpp:69   | RTMPPush publisher is disabled in #default#app application, so it was not created

[2022-04-25 16:48:04.402] I [OvenMediaEngine:1] Publisher | publisher.cpp:69   | Thumbnail publisher is disabled in #default#app application, so it was not created

[2022-04-25 16:48:04.402] I [OvenMediaEngine:1] Transcoder | transcoder_application.cpp:32   | Created transcoder application. app(#default#app)

[2022-04-25 16:48:04.402] I [OvenMediaEngine:1] Transcoder | transcoder.cpp:83   | Transcoder has created [config][#default#app] application

[2022-04-25 16:48:04.402] I [OvenMediaEngine:1] Provider | application.cpp:46   | WebRTCProvider has created [#default#app] application

[2022-04-25 16:48:04.402] I [OvenMediaEngine:1] Monitor | application_metrics.cpp:106  | MPEG-TS has reserved stream_4000 stream linked to UDP://0.0.0.0:4000

[2022-04-25 16:48:04.402] I [OvenMediaEngine:1] Provider | application.cpp:46   | MPEGTSProvider has created [#default#app] application

[2022-04-25 16:48:04.402] I [OvenMediaEngine:1] Provider | application.cpp:46   | SrtProvider has created [#default#app] application

[2022-04-25 16:48:04.403] I [OvenMediaEngine:1] Provider | application.cpp:46   | RTMPProvider has created [#default#app] application

[2022-04-25 16:48:04.403] I [OvenMediaEngine:1] Provider | application.cpp:46   | OVTProvider has created [#default#app] application

[2022-04-25 16:48:04.403] I [OvenMediaEngine:1] Provider | application.cpp:46   | RTSPCProvider has created [#default#app] application

[2022-04-25 16:48:04.595] I [SPSRT-T9999:31] SrtProvider | srt_provider.cpp:103  | The SRT client has connected : <ClientSocket: 0x7fb270001130, #192384254, Connected, SRT, Nonblocking, 172.17.0.1:46680> [srt%3A%2F%2F192.168.100.6%3A9999%2Fapp%2Fstream]

[2022-04-25 16:48:04.595] I [SPSRT-T9999:31] Provider | stream.cpp:49   | Unknown/stream(192384254) has been started stream

[2022-04-25 16:48:04.669] I [SPSRT-T9999:31] MediaRouter | mediarouter_application.cpp:244  | Trying to create a stream: [#default#app/stream(192384254)]

[2022-04-25 16:48:04.669] I [SPSRT-T9999:31] MediaRouter | mediarouter_application.cpp:245  | 

[Stream Info]

id(192384254), msid(0), output(stream), SourceType(SRT), Created Time (Mon Apr 25 16:48:04 2022) UUID(1c04f6d3-b9b5-496f-8223-9b9c8d417831/default/#default#app/stream/i)

Video Track #256: Bypass(false) Bitrate(0b) codec(1, H264) resolution(0x0) framerate(0.00fps) timebase(1/90000)

Audio Track #257: Bypass(false) Bitrate(0b) codec(6, AAC) samplerate(0) format(none, 0) channel(unknown, 0) timebase(1/90000)

[2022-04-25 16:48:04.669] I [SPSRT-T9999:31] MediaRouter | mediarouter_stream.cpp:54   | Trying to create media route stream: name(stream) id(192384254)

[2022-04-25 16:48:04.669] I [SPSRT-T9999:31] Monitor | application_metrics.cpp:57   | Create StreamMetrics(stream/1c04f6d3-b9b5-496f-8223-9b9c8d417831/default/#default#app/stream/i) for monitoring

[2022-04-25 16:48:04.669] I [SPSRT-T9999:31] Transcoder | transcoder_stream.cpp:523  | [#default#app/stream(192384254)] -> [#default#app/stream(2747904479)] Output stream has been created.

[2022-04-25 16:48:04.672] I [SPSRT-T9999:31] MediaRouter | mediarouter_application.cpp:244  | Trying to create a stream: [#default#app/stream(2747904479)]

[2022-04-25 16:48:04.672] I [SPSRT-T9999:31] MediaRouter | mediarouter_application.cpp:245  | 

[Stream Info]

id(2747904479), msid(0), output(stream), SourceType(Transcoder), Created Time (Mon Apr 25 16:48:04 2022) UUID(1c04f6d3-b9b5-496f-8223-9b9c8d417831/default/#default#app/stream/o)

>> Origin Stream Info

id(192384254), output(stream), SourceType(SRT), Created Time (Mon Apr 25 16:48:04 2022)

Video Track #0: Bypass(true) Bitrate(0b) codec(1, H264) resolution(0x0) framerate(0.00fps) timebase(1/90000)

Audio Track #1: Bypass(true) Bitrate(0b) codec(6, AAC) samplerate(90.0K) format(none, 0) channel(unknown, 0) timebase(1/90000)

Audio Track #2: Bypass(false) Bitrate(128.00Kb) codec(8, OPUS) samplerate(48.0K) format(none, 0) channel(stereo, 2) timebase(1/48000)

[2022-04-25 16:48:04.673] I [SPSRT-T9999:31] MediaRouter | mediarouter_stream.cpp:54   | Trying to create media route stream: name(stream) id(2747904479)

[2022-04-25 16:48:04.673] I [SPSRT-T9999:31] Monitor | application_metrics.cpp:57   | Create StreamMetrics(stream/1c04f6d3-b9b5-496f-8223-9b9c8d417831/default/#default#app/stream/o) for monitoring

[2022-04-25 16:48:04.673] I [SPSRT-T9999:31] Transcoder | transcoder_stream.cpp:100  | [#default#app/stream(192384254)] Transcoder input stream has been started. Status : (1) Decoders, (0) Encoders

[2022-04-25 16:48:04.673] I [Decaac:45] Transcoder | decoder_aac.cpp:223  | [#default#app/stream(192384254)] input stream information: [audio] aac (LC), 48000 Hz, stereo, fltp, 121 kbps, timebase: 1/90000, frame_size: 1024

[2022-04-25 16:48:04.675] I [OutboundWorker:36] WebRTC Publisher | rtc_stream.cpp:279  | Unsupported codec(Audio/AAC) is being input from media track

[2022-04-25 16:48:04.675] I [OutboundWorker:36] WebRTC Publisher | rtc_stream.cpp:353  | WebRTC Stream has been created : stream/2747904479

Rtx(FALSE) Ulpfec(FALSE) JitterBuffer(FALSE) PlayoutDelay(FALSE min:0 max: 0)

[2022-04-25 16:48:04.675] I [OutboundWorker:36] Publisher | stream.cpp:181  | WebRTC Publisher Application application has started [stream(2747904479)] stream (MSID : 0)

[2022-04-25 16:48:04.675] I [OutboundWorker:36] HLS | hls_packetizer.cpp:152  | [#default#app/stream] HLS: Packetizer will be reset: 0

[2022-04-25 16:48:04.675] I [OutboundWorker:36] Publisher | stream.cpp:181  | HLS Publisher Application application has started [stream(2747904479)] stream (MSID : 0)

[2022-04-25 16:48:04.675] I [OutboundWorker:36] Publisher | stream.cpp:181  | DASH Publisher Application application has started [stream(2747904479)] stream (MSID : 0)

[2022-04-25 16:48:04.675] I [OutboundWorker:36] Publisher | stream.cpp:181  | LLDASH Publisher Application application has started [stream(2747904479)] stream (MSID : 0)

[2022-04-25 16:48:04.676] I [OutboundWorker:36] Publisher | stream.cpp:181  | OVTPublisher Application application has started [stream(2747904479)] stream (MSID : 0)

[2022-04-25 16:48:04.676] I [AW-DASH0:39] DASH | dash_packetizer.cpp:237  | [#default#app/stream] DASH: init_video.m4s has created

[2022-04-25 16:48:04.677] I [AW-DASH0:39] DASH | dash_packetizer.cpp:271  | [#default#app/stream] DASH: init_audio.m4s has created

[2022-04-25 16:48:08.165] I [AW-LLDASH0:40] LLDASH | cmaf_packetizer.cpp:765  | [0x7fb26000c1b0] LLDASH segment is ready to stream [#default#app/stream], segment duration: 5.000000s, count: 1

[2022-04-25 16:48:18.155] I [AW-HLS0:38] HLS | hls_packetizer.cpp:496  | [#default#app/stream] HLS: Segments are ready, segment duration: 5.000000s, count: 3

[2022-04-25 16:48:18.182] I [AW-DASH0:39] DASH | dash_packetizer.cpp:801  | [#default#app/stream] DASH: Segments are ready to stream, segment duration: 5.000000s, count: 3

[2022-04-25 16:48:34.414] E [SPRtcSig-T3334:13] HttpServer | http_server.cpp:176  | Could not find client <ClientSocket: 0x7fb29c001130, #25, Disconnected, TCP, Nonblocking, 172.17.0.1:50290> from list

[2022-04-25 16:48:37.359] E [SPRtcSig-T3334:13] HttpServer | https_server.cpp:83   | Could not handle connection event: there is no certificate

So it's showing these errors:

[2022-04-25 16:48:34.414] E [SPRtcSig-T3334:13] HttpServer | http_server.cpp:176  | Could not find client <ClientSocket: 0x7fb29c001130, #25, Disconnected, TCP, Nonblocking, 172.17.0.1:50290> from list

[2022-04-25 16:48:37.359] E [SPRtcSig-T3334:13] HttpServer | https_server.cpp:83   | Could not handle connection event: there is no certificate

What does it mean the "could not find client error" by the way?

naanlizard commented 2 years ago

I'd suspect you're connecting via either a non-'*.localhost' url or you're connecting via say, example.localhost instead of test.localhost (with only test.localhost in the SSL cert)

Try changing your config to all domains for testing

djkunedo commented 2 years ago

I missed the http_server_manager.cpp:89 | Could not set certificate: [OpenSSL] Certificate is nullptr the last time but unfortunately keeps appearing in the log even with the full path... I'll try with another certificate and I'll share feedback. That nullptr shows with <Name>*</Name> <Name>*.localhost</Name> or <Name>localhost</Name> . Besides that, in the documentation ( https://airensoft.gitbook.io/ovenmediaengine/streaming/tls-encryption ) says: If you set up TLS, you can't set IP or * into . You can only set Domains that the certificate contains. So I guess the value I should use with that certificate should be <Name>localhost</Name> . Anyway, tomorrow I'll give it a try to letsencrypt.

IanMitchell77 commented 2 years ago

@djkunedo - you are using docker so you'll need to give the proper DNS entry in the name tag of the configuration file.

djkunedo commented 2 years ago

@djkunedo - you are using docker so you'll need to give the proper DNS entry in the name tag of the configuration file.

Thanks for your response IanMitchell77. I think that I could not be using the right certificate. I should try to generate a domain certificate instead of the IIS self-signed certificates and set that/those domains in the name tag. I'm also a noob with this certificates topic... I'll share any updates.

AirenSoft / OvenMediaEngine

Q: I have to open the port in docker after the ssl configuration? #574