Skip to content

Employ jetty web server

Let the Java web server Jettie handle all on port 443 and eliminate nginx proxy https://github.com/jitsi/jitsi-videobridge/blob/master/doc/http.md

Expected effect: port harvesting for video conferencing will then also work for 443

This requires generating SSL key for jetty like here http://blog.dgunia.de/2016/03/09/using-a-free-ssl-certificate-from-lets-encrypt-with-jetty/ - use nginx for port 80 only

We've created a pks keystore file from LE https://github.com/certbot/certbot/issues/1701#issuecomment-447640340

openssl pkcs12 -export -in /etc/letsencrypt/live/fairmeeting.net/fullchain.pem -inkey /etc/letsencrypt/live/fairmeeting.net/privkey.pem -out fullchain_and_key.p12 -name jetty

keytool -importkeystore -destkeystore keystore_le -srckeystore fullchain_and_key.p12 -alias jetty
 
keytool -import -destkeystore keystore_le -file /etc/letsencrypt/live/fairmeeting.net/chain.pem -alias root

We've extended jetty usage in /etc/jitsi/videobridge/sip-communicator.propertiesJETTY and in /etc/jitsi/videobridge/config as described here https://github.com/jitsi/jitsi-videobridge/blob/master/doc/http.md

stopped nginx and restarted jvb - no success yet, no output to logfile, not clear if that works at all

reverted properties and config

Edited by Roland Alton

gitlab project and software management by fairkom.eu - more open source web apps at fairapps.net