You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@openmeetings.apache.org by Marcus Wellnitz <we...@datenwerk-it.de> on 2012/11/06 21:58:09 UTC

reverse proxy and context root changes for using only 1 ssl-port

Dear OM Users,

I'm not sure if I had to contact the developers mailinglist but first i 
try it here.

Is it possible to configure apache reverse-proxy and OM to only use one 
IP-Address/Port?

In my configuration there is an extra Apache for SSL encryption. The OM 
Application server is an additional machine in the backend.
Is it possible to ensure that the rtmp-connection is done by a specific 
context-root?
In that case i'm able to configure my reverse-proxy to use e.g. /om-web 
and /om-rtmps within one vHost configuration.

Which configuration files I have to edit? Which parameters are 
responsible for changing the context-root for rtmp(s)?
Maybe 
'webapps/root/WEB-INF/red5-web.properties:webapp.contextPath=/om-rtmps' ?

I want to configure my system to do all ssl-offloading with the 
reverse-proxy and to communicate unencrypted between Apache frontend and 
the red5 backend.

Do you see any solution?

-- 
Marcus Wellnitz
Datenwerk GmbH
Vogelsbergstr. 34
60316 Frankfurt am Main

Telefon +49 (0) 69/9434086-0
Fax     +49 (0) 69/9434086-9
E-Mail  hosting@datenwerk-it.de
Web     www.datenwerk-it.de

Sitz: Frankfurt am Main, Amtsgericht  Frankfurt am Main HRB 55221
Geschäftsführer: Michael Beck

RE: reverse proxy and context root changes for using only 1 ssl-port

Posted by George Kirkham <gk...@co2crc.com.au>.

Hi Marcus,

 

I am guessing that there is no way to run the rtmpport over port 443 with Apache (it would be great if there was).  If you are prepared to run all traffic via rtmpTunnelport then the below might work.  I hope if I am missing anything here that someone else will correct me.

 

If you get the solution working as you want, please let me know the configuration and steps that you did.

 

Please try the below notes, and if you get it working for port 80, then try port 443;

 

Set up openmeetings and rtmpt CNAMEs in DNS.that point to Apache proxy server.

 

Add hostname and IP in OS hosts table that point to actual openmeetings server on Apache Proxy (and sub domain names for the DNS server that is the registrar for your doman name), for;

openmeetings.mydomain.com

rtmpt.mydomain.com

 

On your Apache web server create virtual host files for the above to sub domains. For me these go into "/etc/apache2/sites-available".

 Relevant section of openmeetings virtual host:

 

<VirtualHost *:80>

    ServerName openmeetings.mydomain.com

    <Location /openmeetings>

            Order allow,deny

            Allow from all

    </Location>

    ProxyPass / http://openmeetings.mydomain.com:5080/

    ProxyPassReverse / http://openmeetings.mydomain.com:5080/

</VirtualHost>

 

Relevant section of openmeetings-rtmpt virtual host:

 

<VirtualHost *:80>

    ServerName rtmpt.mydomain.com

    <Location /openmeetings>

            Order allow,deny

            Allow from all

    </Location>

    ProxyPass /openmeetings http://openmeetings.mydomain.com:5080/openmeetings

    ProxyPassReverse /openmeetings http://openmeetings.mydomain.com:5080/openmeetings

 

    ProxyPass / http://openmeetings.mydomain.com:8088/

    ProxyPassReverse / http://openmeetings.mydomain.com:8088/

</VirtualHost>

 

Modify your OpenMeetings config:

 

red5/webapps/openmeetings/config.xml:

 

<rtmphostlocal>rtmpt.mydomain.com</rtmphostlocal>

 

<rtmpTunnelport>80</rtmpTunnelport>

 

<red5httpport>80</red5httpport>

 

 

 

Thanks,

 

George Kirkham

 

 

 

-----Original Message-----
From: Marcus Wellnitz [mailto:wellnitz@datenwerk-it.de] 
Sent: Wednesday, 7 November 2012 7:58 AM
To: Openmeetings User Mailinglist
Subject: reverse proxy and context root changes for using only 1 ssl-port

 

Dear OM Users,

 

I'm not sure if I had to contact the developers mailinglist but first i try it here.

 

Is it possible to configure apache reverse-proxy and OM to only use one IP-Address/Port?

 

In my configuration there is an extra Apache for SSL encryption. The OM Application server is an additional machine in the backend.

Is it possible to ensure that the rtmp-connection is done by a specific context-root?

In that case i'm able to configure my reverse-proxy to use e.g. /om-web and /om-rtmps within one vHost configuration.

 

Which configuration files I have to edit? Which parameters are responsible for changing the context-root for rtmp(s)?

Maybe

'webapps/root/WEB-INF/red5-web.properties:webapp.contextPath=/om-rtmps' ?

 

I want to configure my system to do all ssl-offloading with the reverse-proxy and to communicate unencrypted between Apache frontend and the red5 backend.

 

Do you see any solution?

 

--

Marcus Wellnitz

Datenwerk GmbH

Vogelsbergstr. 34

60316 Frankfurt am Main

 

Telefon +49 (0) 69/9434086-0

Fax     +49 (0) 69/9434086-9

E-Mail  hosting@datenwerk-it.de <ma...@datenwerk-it.de> 

Web     www.datenwerk-it.de <http://www.datenwerk-it.de> 

 

Sitz: Frankfurt am Main, Amtsgericht  Frankfurt am Main HRB 55221

Geschäftsführer: Michael Beck