-
|
Having trouble getting stream to load via WSS on a page hosting player via HTTPS. It loads fine via WS on port 3333 on an HTTP page, and LLHLS loads fine via HTTP and HTTPS on port 3333. When I try loading via WSS on port 3334, I get the following error in docker logs: 2023-06-05 01:27:32 [2023-06-05 05:27:32.504] E [SPRtcSig-t3334:12] HttpServer | https_server.cpp:97 | Could not handle connection event: there is no certificate OME is running in a docker container with the following ports open: OME is behind Traefik proxy, using an HTTPS entrypoint, accessible via "stream.domain.com" which forwards to docker container on port 3333. Additionally, I am port forwarding 1935 and 3334 directly to the container. TLS certificates were generated using certbot for "stream.domain.com". OvenPlayer is behind Traefik proxy, using HTTPS entrypoint, accessible via "player.domain.com" which forwards to docker container on port 80. Here is my server.xml <?xml version="1.0" encoding="UTF-8" ?>
<Server version="8">
<Name>OvenMediaEngine</Name>
<!-- Host type (origin/edge) -->
<Type>origin</Type>
<!-- Specify IP address to bind (* means all IPs) -->
<IP>*</IP>
<PrivacyProtection>false</PrivacyProtection>
<!--
To get the public IP address(mapped address of stun) of the local server.
This is useful when OME cannot obtain a public IP from an interface, such as AWS or docker environment.
If this is successful, you can use ${PublicIP} in your settings.
-->
<StunServer>stun.ovenmediaengine.com:13478</StunServer>
<Modules>
<!--
Currently OME only supports h2 like all browsers do. Therefore, HTTP/2 only works on TLS ports.
-->
<HTTP2>
<Enable>true</Enable>
</HTTP2>
<LLHLS>
<Enable>true</Enable>
</LLHLS>
<!-- P2P works only in WebRTC and is experiment feature -->
<P2P>
<!-- disabled by default -->
<Enable>false</Enable>
<MaxClientPeersPerHostPeer>2</MaxClientPeersPerHostPeer>
</P2P>
</Modules>
<!-- Settings for the ports to bind -->
<Bind>
<!-- Enable this configuration if you want to use API Server -->
<!--
<Managers>
<API>
<Port>${env:OME_API_PORT:8081}</Port>
<WorkerCount>1</WorkerCount>
</API>
</Managers>
-->
<Providers>
<!-- Pull providers -->
<RTSPC>
<WorkerCount>1</WorkerCount>
</RTSPC>
<OVT>
<WorkerCount>1</WorkerCount>
</OVT>
<!-- Push providers -->
<RTMP>
<Port>${env:OME_RTMP_PROV_PORT:1935}</Port>
<WorkerCount>1</WorkerCount>
</RTMP>
<SRT>
<Port>${env:OME_SRT_PROV_PORT:9999}</Port>
<WorkerCount>1</WorkerCount>
</SRT>
<!--
<MPEGTS>
<- Listen on port 4000
This is just a demonstration to show that you can configure the port in several ways ->
<Port>${env:OME_MPEGTS_PROV_PORT:4000-4001,4004,4005/udp}</Port>
<Port>${env:OME_MPEGTS_PROV_PORT:4000-4005/udp}</Port>
</MPEGTS>
-->
<WebRTC>
<Signalling>
<Port>${env:OME_WEBRTC_SIGNALLING_PORT:3333}</Port>
<TLSPort>${env:OME_WEBRTC_SIGNALLING_TLS_PORT:3334}</TLSPort>
<WorkerCount>1</WorkerCount>
</Signalling>
<IceCandidates>
<IceCandidate>${env:OME_HOST_IP:*}:${env:OME_WEBRTC_CANDIDATE_PORT:10000-10004/udp}</IceCandidate>
<TcpRelay>${env:OME_HOST_IP:*}:${env:OME_WEBRTC_TCP_RELAY_PORT:3478}</TcpRelay>
<TcpForce>true</TcpForce>
<TcpRelayWorkerCount>1</TcpRelayWorkerCount>
</IceCandidates>
</WebRTC>
</Providers>
<Publishers>
<!-- The OVT is protocol for ORIGIN-EDGE -->
<OVT>
<Port>${env:OME_ORIGIN_PORT:9000}</Port>
<WorkerCount>1</WorkerCount>
</OVT>
<LLHLS>
<!--
OME only supports h2, so LLHLS works over HTTP/1.1 on non-TLS port.
Note that LLHLS runs higher performance over HTTP/2.
Therefore, it is recommended to use TLS Port.
-->
<Port>${env:OME_LLHLS_STREAM_PORT:3333}</Port>
<TLSPort>${env:OME_LLHLS_STREAM_TLS_PORT:3334}</TLSPort>
<WorkerCount>1</WorkerCount>
</LLHLS>
<WebRTC>
<Signalling>
<Port>${env:OME_WEBRTC_SIGNALLING_PORT:3333}</Port>
<TLSPort>${env:OME_WEBRTC_SIGNALLING_TLS_PORT:3334}</TLSPort>
<WorkerCount>1</WorkerCount>
</Signalling>
<IceCandidates>
<IceCandidate>${env:OME_WEBRTC_CANDIDATE_IP:*}:${env:OME_WEBRTC_CANDIDATE_PORT:10000-10004/udp}</IceCandidate>
<TcpRelay>${env:OME_WEBRTC_CANDIDATE_IP:*}:${env:OME_WEBRTC_TCP_RELAY_PORT:3478}</TcpRelay>
<TcpForce>true</TcpForce>
<TcpRelayWorkerCount>1</TcpRelayWorkerCount>
</IceCandidates>
</WebRTC>
</Publishers>
</Bind>
<VirtualHosts>
<!--
You can include multiple XML files by doing the following:
<VirtualHost include="sites-enabled/*.xml" />
-->
<VirtualHost include="VHost*.xml" />
<VirtualHost>
<Name>default</Name>
<!--Distribution is a value that can be used when grouping the same vhost distributed across multiple servers. This value is output to the events log, so you can use it to aggregate statistics. -->
<Distribution>ovenmediaengine.com</Distribution>
<!-- Settings for multi ip/domain and TLS -->
<Host>
<Names>
<Name>stream.domain.com</Name>
</Names>
<TLS>
<CertPath>/opt/ovenmediaengine/bin/origin_conf/stream.domain.com/cert.crt</CertPath>
<KeyPath>/opt/ovenmediaengine/bin/origin_conf/stream.domain.com/cert.key</KeyPath>
<ChainCertPath>/opt/ovenmediaengine/bin/origin_conf/stream.domain.com/fullchain.crt</ChainCertPath>
</TLS>
</Host>
<!-- Refer https://airensoft.gitbook.io/ovenmediaengine/signedpolicy
<SignedPolicy>
<PolicyQueryKeyName>policy</PolicyQueryKeyName>
<SignatureQueryKeyName>signature</SignatureQueryKeyName>
<SecretKey>aKq#1kj</SecretKey>
<Enables>
<Providers>rtmp,webrtc,srt</Providers>
<Publishers>webrtc,hls,llhls,dash,lldash</Publishers>
</Enables>
</SignedPolicy>
-->
<!--
<OriginMapStore>
In order to use OriginMap, you must enable OVT Publisher in Origin and OVT Provider in Edge.
<RedisServer>
<Host>192.168.0.160:6379</Host>
<Auth>!@#ovenmediaengine</Auth>
</RedisServer>
This is only needed for the origin server and used to register the ovt address of the stream.
<OriginHostName>${env:OME_HOST_IP:192.168.0.160}</OriginHostName>
</OriginMapStore>
-->
<!-- Default CORS Settings -->
<CrossDomains>
<Url>*</Url>
</CrossDomains>
<!-- Settings for applications -->
<Applications>
<Application>
<Name>app</Name>
<!-- Application type (live/vod) -->
<Type>live</Type>
<OutputProfiles>
<HardwareAcceleration>true</HardwareAcceleration>
<OutputProfile>
<Name>bypass_stream</Name>
<OutputStreamName>${OriginStreamName}</OutputStreamName>
<!--LLHLS URL : https://domain/app/stream/abr.m3u8 -->
<Playlist>
<Name>For LLHLS</Name>
<FileName>abr</FileName>
<Options> <!-- Optinal -->
<!--
Automatically switch rendition in WebRTC ABR
[Default] : true
-->
<WebRtcAutoAbr>true</WebRtcAutoAbr>
</Options>
<Rendition>
<Name>Bypass</Name>
<Video>bypass_video</Video>
<Audio>bypass_audio</Audio>
</Rendition>
<Rendition>
<Name>FHD</Name>
<Video>video_1280</Video>
<Audio>bypass_audio</Audio>
</Rendition>
<Rendition>
<Name>HD</Name>
<Video>video_720</Video>
<Audio>bypass_audio</Audio>
</Rendition>
</Playlist>
<!--LLHLS URL : https://domain/app/stream/llhls.m3u8 -->
<Playlist>
<Name>Change Default</Name>
<FileName>llhls</FileName>
<Rendition>
<Name>HD</Name>
<Video>video_720</Video>
<Audio>bypass_audio</Audio>
</Rendition>
</Playlist>
<Encodes>
<Audio>
<Name>bypass_audio</Name>
<Bypass>true</Bypass>
</Audio>
<Video>
<Name>bypass_video</Name>
<Bypass>true</Bypass>
</Video>
<Audio>
<Codec>opus</Codec>
<Bitrate>128000</Bitrate>
<Samplerate>48000</Samplerate>
<Channel>2</Channel>
</Audio>
<Video>
<Name>video_1280</Name>
<Codec>h264</Codec>
<Bitrate>5024000</Bitrate>
<Framerate>30</Framerate>
<Width>1920</Width>
<Height>1280</Height>
<Preset>faster</Preset>
</Video>
<Video>
<Name>video_720</Name>
<Codec>h264</Codec>
<Bitrate>2024000</Bitrate>
<Framerate>30</Framerate>
<Width>1280</Width>
<Height>720</Height>
<Preset>faster</Preset>
</Video>
</Encodes>
</OutputProfile>
</OutputProfiles>
<Providers>
<OVT />
<WebRTC>
<Timeout>30000</Timeout>
<CrossDomains>
<Url>*</Url>
</CrossDomains>
</WebRTC>
<RTMP />
<SRT />
<RTSPPull />
<!-- <MPEGTS>
<StreamMap>
<- Set the stream name of the client connected to the port to "stream_${Port}"
For example, if a client connets to port 4000, OME creates a "stream_4000" stream ->
<Stream>
<Name>stream_${Port}</Name>
<Port>4000,4001-4004</Port>
</Stream>
<Stream>
<Name>stream_4005</Name>
<Port>4005</Port>
</Stream>
<Stream>
<Name>stream_${Port}</Name>
<Port>${env:OME_MPEGTS_PROV_PORT:4000-4005/udp}</Port>
</Stream>
</StreamMap>
</MPEGTS> -->
</Providers>
<Publishers>
<AppWorkerCount>1</AppWorkerCount>
<StreamWorkerCount>8</StreamWorkerCount>
<OVT />
<WebRTC>
<Timeout>30000</Timeout>
<Rtx>false</Rtx>
<Ulpfec>false</Ulpfec>
<JitterBuffer>false</JitterBuffer>
</WebRTC>
<LLHLS>
<OriginMode>true</OriginMode>
<!--
<CacheControl>
<MasterPlaylistMaxAge>0</MasterPlaylistMaxAge>
<ChunklistMaxAge>0</ChunklistMaxAge>
<ChunklistWithDirectivesMaxAge>60</ChunklistWithDirectivesMaxAge>
<SegmentMaxAge>-1</SegmentMaxAge>
<PartialSegmentMaxAge>-1</PartialSegmentMaxAge>
</CacheControl>
-->
<ChunkDuration>0.5</ChunkDuration>
<!-- PartHoldBack SHOULD be at least three times the Part Target Duration -->
<PartHoldBack>1.5</PartHoldBack>
<SegmentDuration>6</SegmentDuration>
<SegmentCount>10</SegmentCount>
<CrossDomains>
<Url>*</Url>
</CrossDomains>
</LLHLS>
<RTMPPush>
</RTMPPush>
</Publishers>
</Application>
</Applications>
</VirtualHost>
</VirtualHosts>
</Server> |
Beta Was this translation helpful? Give feedback.
Answered by
getroot
Jun 5, 2023
Replies: 1 comment 4 replies
-
|
I think the certificate was not loaded properly. Check out the OME initial log. |
Beta Was this translation helpful? Give feedback.
4 replies
-
|
Ok. I see that issue now. Here is what I found: [2023-06-05 05:53:44.093] E [OvenMediaEngine:1] Certificate | certificate.cpp:47 | Failed to create a certificate for VirtualHost [default]: Am I supposed to load the PEM files directly? I had converted from PEM to crt/key using openssl commands. |
Beta Was this translation helpful? Give feedback.
-
|
Directly loading the PEM keys worked to solve the certificate issue. However, the WSS issue persists and I am unable to load streams over WSS. Here are my logs: 2023-06-05 02:19:19 [2023-06-05 06:19:19.148] I [SPRtcSig-t3334:12] Signalling | rtc_signalling_server.cpp:316 | New client is connected: <ClientSocket: 0x7fd370e01e10, #40, Connected, TCP, Nonblocking, 172.20.0.1:49144>
2023-06-05 02:19:19 [2023-06-05 06:19:19.191] I [SPRtcSig-t3334:12] Monitor | stream_metrics.cpp:114 | A new session has started playing #default#app/stream on the WebRTC publisher. WebRTC(2)/Stream total(2)/App total(2)
2023-06-05 02:19:19 [2023-06-05 06:19:19.191] I [SPRtcSig-t3334:12] ICE | ice_port.cpp:317 | Added session: 113 (ufrag: xmiZBV:4ksG)
2023-06-05 02:19:40 [2023-06-05 06:19:40.240] W [DQICETmout:13] ICE | ice_port.cpp:480 | Client (session id: 112) has expired
2023-06-05 02:19:40 [2023-06-05 06:19:40.240] I [DQICETmout:13] WebRTC Publisher | webrtc_publisher.cpp:648 | IcePort is disconnected. : (#default#app/stream/112) reason(5)
2023-06-05 02:19:40 [2023-06-05 06:19:40.241] I [DQICETmout:13] WebRTC Publisher | webrtc_publisher.cpp:550 | Stop command received : #default#app/stream/112
2023-06-05 02:19:40 [2023-06-05 06:19:40.241] I [DQICETmout:13] Monitor | stream_metrics.cpp:136 | A session has been stopped playing #default#app/stream on the WebRTC publisher. Concurrent Viewers[WebRTC(1)/Stream total(1)/App total(1)]
2023-06-05 02:19:40 [2023-06-05 06:19:40.241] I [DQICETmout:13] Signalling | rtc_signalling_server.cpp:450 | Client is disconnected: HttpConnection(0x7fd370e02a10) : WebSocket <ClientSocket: 0x7fd370e2dc10, #41, Connected, TCP, Nonblocking, 172.20.0.1:49138> TLS(Enabled) (#default#app / stream, ufrag: local: grO8kh, remote: PiRP)
2023-06-05 02:19:42 [2023-06-05 06:19:42.445] I [SPRtcSig-t3334:12] Signalling | rtc_signalling_server.cpp:316 | New client is connected: <ClientSocket: 0x7fd370e2dc10, #41, Connected, TCP, Nonblocking, 172.20.0.1:49146>
2023-06-05 02:19:42 [2023-06-05 06:19:42.462] I [SPRtcSig-t3334:12] Monitor | stream_metrics.cpp:114 | A new session has started playing #default#app/stream on the WebRTC publisher. WebRTC(2)/Stream total(2)/App total(2)
2023-06-05 02:19:42 [2023-06-05 06:19:42.463] I [SPRtcSig-t3334:12] ICE | ice_port.cpp:317 | Added session: 114 (ufrag: 3m9UTJ:dnQD)
2023-06-05 02:19:49 [2023-06-05 06:19:49.243] W [DQICETmout:13] ICE | ice_port.cpp:480 | Client (session id: 113) has expired
2023-06-05 02:19:49 [2023-06-05 06:19:49.243] I [DQICETmout:13] WebRTC Publisher | webrtc_publisher.cpp:648 | IcePort is disconnected. : (#default#app/stream/113) reason(5)
2023-06-05 02:19:49 [2023-06-05 06:19:49.243] I [DQICETmout:13] WebRTC Publisher | webrtc_publisher.cpp:550 | Stop command received : #default#app/stream/113
2023-06-05 02:19:49 [2023-06-05 06:19:49.244] I [DQICETmout:13] Monitor | stream_metrics.cpp:136 | A session has been stopped playing #default#app/stream on the WebRTC publisher. Concurrent Viewers[WebRTC(1)/Stream total(1)/App total(1)]
2023-06-05 02:19:49 [2023-06-05 06:19:49.244] I [DQICETmout:13] Signalling | rtc_signalling_server.cpp:450 | Client is disconnected: HttpConnection(0x7fd370e02810) : WebSocket <ClientSocket: 0x7fd370e01e10, #40, Connected, TCP, Nonblocking, 172.20.0.1:49144> TLS(Enabled) (#default#app / stream, ufrag: local: xmiZBV, remote: 4ksG) |
Beta Was this translation helpful? Give feedback.
-
Did you set the OME_HOST_IP environment variable to an externally accessible IP? |
Beta Was this translation helpful? Give feedback.
Answer selected by
msalmasi
-
|
Setting this manually resolved my issue. |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Did you set the OME_HOST_IP environment variable to an externally accessible IP?