Problem starting wss secure connection

[tbr666]

I am currently using a 30 day free trial Flashphoner license and I'm trying to connect to websocket using wss protocol from my website. When I use the connection url ws://[IP-address]:8088 and press connect, the connection is successfull and I play the rtsp stream successfully, but it can be done only when my website is opened with http protocol. I want the Flashphoner to also work with the https protocol so I tried to use wss://[IP-address]:8843 url for connection, but I get INSECURE_RESPONSE error and the connection fails. Is there a way to solve this issue? Should I buy the license to make it work with wss protocol or do I need to apply a certificate to a server?
I found some instructions on this link: https://flashphoner.com/docs/wcs4/1...ment-websocket_ssl-ssl_certificate_import.htm

 

[Max]

For playback you can use either http or https
HTTP
http://host:9091
ws://host:8080
HTTPS
https://host:8888
wss://host:8443
To get this working over HTTPS you have to import SSL certificates.
Example of import:
https://wcs5-eu.flashphoner.com
Security / Certificates

Here we imported Letsencrypt certs as two files:
1. fullchain1.pem - certificates
2. privkey1.pem - private key
You can get certificates from here
https://certbot.eff.org/
Or from your own trusted SSL provider.

 

[Max]

>Should I buy the license to make it work with wss protocol or do I need to apply a certificate to a server?
no, you shouldn't

 

[tbr666]

Can I assing the certificate to the Flashphoner server I have installed on my Centos 7 machine? I already have a valid certificate of the domain from which I'm streaming. I have 2 different servers, one of them is a CPanel server with my website and Flashphoner client and another is Centos 7 server (no domain is assigned to it) with Flashphoner installed. Instructions say that I need to delete self signed wss.jks certificate from Flashphoner server and add another one, but I need to know where to declare that certificate in Flashphoner server conf files.

 

[Max]

Yes you can try to import your existing certificate
For example you have two domains
myproject.com - for your web host
wcs.myproject.com - for wcs server
So you need a wildcard certificate that covers *.myproject.com or you need a certificate covering wcs.myproject.com
You can import such certificates two ways:
1) Via dashboard UI
Open https://host:8888
Login and import via Security / Certificates
2) Via command line
As per this link
https://flashphoner.com/docs/wcs4/1...ment-websocket_ssl-ssl_certificate_import.htm

Generally it should be imported over UI.
If UI import does not work, you can use command line.

I need to know where to declare that certificate in Flashphoner server conf files.

When you import over command line or over UI, certificates will be imported into wss.jks keystore.
So wss.jks is only file where certificates are declared (imported).
You can print existing keystore using this command:

keytool -v --keystore /usr/local/FlashphonerWebCallServer/conf/wss.jks -list

Keytool path (from JDK)

/usr/java/default/bin/keytool

Default password: password