Open chrischarles2002 opened 8 years ago
Found my own issue.
Pretty Stupid.
Missing semi-colon (;) at the end of each line in
So the section of the file went from this:
<ssl-certificates>
/etc/letsencrypt/comodo/server.key
/etc/letsencrypt/comodo/my.domain.com.ca-bundle
/etc/letsencrypt/comodo/my.domain.com.crt
no
</ssl-certificates>
To this:
<ssl-certificates>
/etc/letsencrypt/comodo/server.key;
/etc/letsencrypt/comodo/my.domain.com.crt;
*;
no
</ssl-certificates>
And everything works now.
You can close this thread as "INVALID". Sorry about that.
Can anyone out there assist with this issue? I’m thinking it’s just a config issue on my side (I am hoping).
Here is my environment:
CentOS: 6.7 WebRTC 2.7.0 sipML: https://www.doubango.org/sipml5/call.htm?svn=241 Apache: 2.2.15 Chrome: 47.0.2526.80 m
With
Let’s Encrypt Public Beta (from: “git clone https://github.com/letsencrypt/letsencrypt”)
Using the sipML website, I am trying to test using SSL certificates generated by Let’s Encrypt as the resource to connect over secured WebSocket (WSS) to WebRTC. This would be for audio only.
Using the command “./letsencrypt-auto certonly “, Let’s Encrypt generates the following four (4) files:
I have also generated another public key from my private key using the following command:
openssl rsa -in privkey.pem -pubout -out pubkey.pub
As a separate test, I confirmed that these certificates worked on a HTTPS website, on this same server. Here is my Apache config for the test website:
The website leads in all browsers without any issues, so we know the certificate files are fine.
Here is the config.xml for WebRTC (also attached): config.xml.txt
Note: I have also interchanged the “pubkey.pem” file with the “fullchain.pem” with the exact same behavior.
In sipML, I have specified the “WebSocket Server URL” as “wss://my.domain.com:10062”
Upon clicking on the “Login” button on the sipML site, the plain text response is: “Disconnected: Failed to connet to the server”
The Chrome 47 Console, returns the following message for the event:
Alternatively, to eliminate the Let’s Encrypt certificate files and keys, I signed up for a trial SSL certificate from Comodo (https://ssl.comodo.com/free-ssl-certificate.php).
The files that Comodo produces are:
And the Apache config is also slightly different:
This Apache setup also launches the associated website without any issues. The alternative certification files would then yield the following in the “ssl-certificates” section of the WebRTC config.xml:
Using either signing authorities setups, yield the exact same result in the WebRTC console.
Mainly these are the messages:
and
Here’s the WebRTC console output: