search

node-webrtc / node-webrtc-examples

MediaStream and RTCDataChannel examples using node-webrtc
508 stars 161 forks source link

Running with a certificate. #21

Closed kosso closed 3 years ago

kosso commented 4 years ago

Hi,

Firstly, thanks for a great set of examples. I've been monitoring webRTC for years now and it's great to see what's now possible using NodeJS to act as a 'headless' webRTC Client. Great job :+1:

But do you have an example version of the index.js (eg index_secure.js) to run this samples app with a secure certificate to be able to run it on my server?

In the past when I've set up a secure websocket server with Node and express, I've started with something like 

const https = require('https');
var app = require('express')();
const server = https.createServer({
    cert: fs.readFileSync(/etc/letsencrypt/live/host.domain.com/cert.pem'),
    key: fs.readFileSync('/etc/letsencrypt/live/host.domain.com/privkey.pem'),
    ca: fs.readFileSync('/etc/letsencrypt/live/host.domain.com/chain.pem'),
}, app);

// ..

I seem to have got the sample html pages running on my server, securely over port 445 with this, but none of the actual webRTC examples seem to work. (And naturally, non-localhost will need to be run securely to be able to access the camera and microphone. )

Am I missing something?

Many thanks!

(Things like this are a 'holy grail' of ideas for me. ;) )

savsofts commented 4 years ago

I installed letsencrypt certificate on our server and modified index.js file to read certificate. you can check attached zip file for reference. https-index.zip

markandrus commented 4 years ago

Hi @kosso,

Firstly, thanks for a great set of examples. I've been monitoring webRTC for years now and it's great to see what's now possible using NodeJS to act as a 'headless' webRTC Client. Great job 👍

Thanks 🙇

But do you have an example version of the index.js (eg index_secure.js) to run this samples app with a secure certificate to be able to run it on my server?

For serving the JavaScript/HTML over HTTPS, it should also be sufficient to place a TLS-terminating reverse proxy in front of the Node.js server. That's how many Node.js-based HTTP servers are deployed. They don't terminate TLS themselves and instead rely on a reverse proxy (like NGINX). I would recommend looking into this solution.

For the actual WebRTC traffic, you just need to ensure the example server advertises its public IP address in its host candidates. The traffic will be encrypted with DTLS and/or DTLS-SRTP.