SSL

[swatisinhamis]

Is there any option to add SSL? We subscribed to a Flashphoner EC2 instance, but we were unable to connect to the server using WinSCP and FileZilla. Consequently, we are unable to upload and download files. Is there any option to obtain Let's Encrypt SSL files? We can connect directly on the awsplatform.

 

[Max]

Hello

Please check instruction how to launch Amazon AWS instance

WCS in Amazon EC2 - Web Call Server 5.2 - EN - Flashphoner Documentation

docs.flashphoner.com

Step 8.

Here you set Key Pair.
The key pair is SSH Private Key and SSH Public Key.
Therefore you have SSH Private Key for connection via WinSCP, Putty, or another SSH client.

Regarding SSL import.
You can open web interface https://host:8444
Sign in as:
login: admin
password: {aws instance ID}
Then import SSL certs as described here

Websocket SSL - Web Call Server 5.2 - EN - Flashphoner Documentation

docs.flashphoner.com

 

[swatisinhamis]

after trying to connect aws instance to winscp we get this message

 

[Max]

Try another SSH client like Putty for Windows or Total Commander, or Far Manager + Netbox

 

[swatisinhamis]

using aws we directly connected to the server but how to download this files and is any option so we can move certificate using command then server accept this

 

[swatisinhamis]

any other option

 

[Max]

It seems you would need a Linux admin guy who download and import SSL certificates.
If you send SSH access credentials using this private form, our engineers will do this.
Point to the folder where pre-generated cert files located.

Note:

1. AWS may do not support letsencrypt generation properly.

2. We would recommend Non-Let'sencrypt wildcard SSL certificates, i.e. *.mycompany.com
Something like this:

Namecheap

www.namecheap.com

3. If you are sure that all your servers will be hosted on Amazon AWS, we would recommend to use Amazon AWS Certificates and Load balancer.

 

[swatisinhamis]

i am unable to get password and password private key

 

[swatisinhamis]

I have pem and PPK file

 

[Max]

The pem file and IP address should be enough for SSH connection

 

[Max]

We successfully connected to your server, but you have not provided a valid SSL certificate for your domain, so nothing to import.
Please buy a valid SSL certificate from some CA provider or register a domain with AWS Route53.
Also seems like media ports (30000-33000) are blocked on server (both TCP and UDP). Please check a security settings and open the ports/

 

[swatisinhamis]

ok i will check

 

[swatisinhamis]

Please check if any other port you want to added

 

[swatisinhamis]

also added a route53

 

[swatisinhamis]

can you please suggest where we get the CA certificate from any provider

 

[Max]

Please check if any other port you want to added

Add 30000-33000/TCP please.

can you please suggest where we get the CA certificate from any provider

You can use AWS Certificate Manager. Please read this article or refer to AWS docs.

 

[swatisinhamis]

successfully added TCP

how to validate this

 

[Max]

how to validate this

Please refer to ACM docs or ask AWS support.

 

[swatisinhamis]

@Max @antu123 We successfully updated an SSL certificate and key but we still get errors while using "wss://aws.easestream.com:8443/" publish and play live streaming can you please check if it is SSL working properly and if there is any issue on the server

 

[Max]

SSL seems working corfrectly.
But IP addresses (ip and ip_local settings) were incorrect. We fixed it using the command

sudo /usr/local/FlashphonerWebCallServer/bin/webcallserver set-ip

and then restarted the server. Now WebRTC publishing and playback works