search

meetecho / janus-gateway

Janus WebRTC Server
https://janus.conf.meetecho.com
GNU General Public License v3.0
8.25k stars 2.48k forks source link

[FATAL] [dtls.c:janus_dtls_load_keys:331] Error opening certificate file #2845

Closed mazbeh closed 2 years ago

mazbeh commented 2 years ago

Hello every body, maybe its an old topic but since i am new to janus (docker version) i would please you to give me tipps, thanks !

I will install janus under the docker version. When i start the docker containers ( sudo docker-compose up ) , i get the error : [FATAL] [dtls.c:janus_dtls_load_keys:331] Error opening certificate file

I have configured the certificates in the janus.jcfg as follow:

but RSA generation is still supported if you set 'rsa_private_key' to 'true'.

certificates: { cert_pem = "/srv/certs/fullchain.pem" cert_key = "/srv/certs/privatekey.key"

cert_pwd = "secretpassphrase"

   dtls_accept_selfsigned = false
   #dtls_ciphers = "DEFAULT:!NULL:!aNULL:!SHA256:!SHA384:!aECDH:!AESGCM+AES256:!aPSK"
   rsa_private_key = true

} . the Turn container can access and read the certificates but the janus container not. the fullchain.pem contains the CA and the server Certificates.

I would appreciate it, if you could give some tipps, thanks !

lminiero commented 2 years ago

fopen is failing, so Janus can't access the file for some reason. Change line 331 to something like this:

JANUS_LOG(LOG_FATAL, "Error opening certificate file (%d, %s)\n", errno, g_strerror(errno));

which should print the exact cause.

mazbeh commented 2 years ago

first of thanks alot for the replying ! how should i exactly add it? i just made a copy paste of that in the janus.jcfg but now i get a syntax error.

lminiero commented 2 years ago

I was talking of line 331 of dtls.c (since that's the line mentioned in the log you shared), not the config file... Modify that line as I said, recompile, and try again.

mazbeh commented 2 years ago

sorry, that i may understand you false. I have only these files: janus.jcfg janus.plugin.audiobridge.jcfg janus.plugin.videoroom.jcfg turnserver.conf

and a docker-compose file. The line 331 is as follows:

ice_enforce_list = "eth0,192.168.0.1"

i dont have any dtls.c file.

lminiero commented 2 years ago

You DO have a dtls.c file, it's part of the Janus sources you compiled... :man_facepalming:

lminiero commented 2 years ago

I added it to the code myself. Just pull the latest master and try again.

mazbeh commented 2 years ago

ok, thanks. I will do that and let you know.

lminiero commented 2 years ago

Any update?

mazbeh commented 2 years ago

Hi, sorry, i was some days in vacation. I have configured the Certificates directly in the docker-compose file and now every thing works fine, thanks !

lminiero commented 2 years ago

Ack, closing then.

mazbeh commented 2 years ago

joo :))