Iuri Posted May 15, 2021 Share Posted May 15, 2021 Hi! I've been using Ant Media CE and so far I was able to enable https (port 5443) and LDAP user authentication (port 589). My LDAPS has a server certificate that was signed by the same CA that signed the Antmedia server certificate. As far as I know, I must also add the LDAPS server certificate to Antmedia keystore file. Is that possible? How do I do that? Regards Link to comment Share on other sites More sharing options...
0 Iuri Posted May 15, 2021 Author Share Posted May 15, 2021 I've been getting this error on my LDAP server (openldap): closed (TLS negotiation failure) Link to comment Share on other sites More sharing options...
0 Selim Emre Posted May 20, 2021 Share Posted May 20, 2021 Hi Luri, Have a good day. Sorry for the delay. As I understand you want to compatible your SSL certificates with Ant Media Server. If you want to use specific SSL certificates in Ant Media Server, you need to change http.ssl_certificate_file, http.ssl_certificate_key_file and http.ssl_certificate_chain_file parameters from conf/red5.properties file. You can use Ant Media Server only one SSL certificate file. We haven't yet worked on multiple certificates working at Ant Media Server. I think it might be a good feature request. Thank you for that. As far as I know, I must also add the LDAPS server certificate to Antmedia keystore file. Is that possible? How do I do that? Are you sure you want to add your certificates to Ant Media Server? We don't have much experience with LDAPS. I just want to understand your case. Why are you want to add your certificates to Ant Media Server? Looking forward to hearing from you soon. Best Regards, Selim Link to comment Share on other sites More sharing options...
0 Iuri Posted May 21, 2021 Author Share Posted May 21, 2021 Hi Selim! Thank you for your response. After reading several articles on the internet, I found out that the certificate must have the SAN (subject alternative name). Then, I had to load the certificate to the cacert keystorein /usr/lib/jvm/java-11-openjdk-amd64/lib/security sudo keytool -import -file /<location>/<ldadcertificate.pem> -keystore cacerts Now, everything works fine. Best regards, Iuri Link to comment Share on other sites More sharing options...
0 Selim Emre Posted May 21, 2021 Share Posted May 21, 2021 Hi Luri, Thank you for updating me. I am glad your issue was resolved. Best Regards, Selim Link to comment Share on other sites More sharing options...
Question
Iuri
to enable https (port 5443) and LDAP user authentication (port 589).
Link to comment
Share on other sites
Top Posters For This Question
3
2
Popular Days
May 15
2
May 21
2
May 20
1
Top Posters For This Question
Iuri 3 posts
Selim Emre 2 posts
Popular Days
May 15 2021
2 posts
May 21 2021
2 posts
May 20 2021
1 post
4 answers to this question
Recommended Posts