Janus build an HTTPS environment

1 Introduction

For security privacy issues, now Webkit-browser share video, voice, latitude and longitude coordinates must be accessible via HTTPS form!

Chrome browser using the Webkit core, so unfortunately, if you want to share the local video on the latest Chrome browser via HTTP form of speech, it will appear as "Chrome browser call camera Fail" problem in the .

So, how to solve it? The answer is simple, is the transformation of HTTP service approach will be applied to the way HTTPS, HTTPS transformation Demos Janus examples in this article will be explained.

2, the transformation process

2.1 Installation Janus

If not deployed Janus environment, refer to "Ubuntu install deployment Janus" article deployment.

2.2 modify the configuration Janus

1, modified Janus configuration file janus.jcfg, the command is

root@webrtc:~# vi /opt/janus/etc/janus/janus.jcfg

DTLS confirmation certificate Janus configuration used, as shown in FIG.

2, modify Janus configuration file janus.janus.transport.http.jcfg, the command is

root@webrtc:~# vi /opt/janus/etc/janus/janus.janus.transport.http.jcfg

Modification or addition, as shown in FIG.

2.3 Installing Nginx

Under Ubuntu installation is very simple, use the following command:

sudo apt-get install nginx -y

After installation, you can use the following command to view

sudo netstat -ntlp | grep nginx

The results below, we can see already up and running nginx

root@webrtc:~# sudo netstat -ntlp | grep nginx
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1471/nginx: master
tcp6       0      0 :::80                   :::*                    LISTEN      1471/nginx: master

Can be accessed through a browser, such as http://172.16.0.17 can see Nginx home, as shown in FIG.

2.4 modify Nginx configuration

Nginx modify the default configuration file, the following command

root@webrtc:~# vi /etc/nginx/conf.d/default.conf

Modification or addition, as shown in FIG.

• An increase of 443 HTTPS listening ports
• Modify the root directory of the project for the demos directory janus
• Janus is set SSL certificate for the same certificate used by service

The modification is as follows:

server {
        listen       80;
        listen  *:443  ssl;
        server_name  localhost;

        location / {
                root /opt/janus/share/janus/demos;
                index index.html index.htm index.php;
        }

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
                root   /usr/share/nginx/html;
        }

        #ssl_certificate /etc/nginx/ssl/nginx.crt;
        #ssl_certificate_key /etc/nginx/ssl/nginx.key;
        ssl_certificate /opt/janus/share/janus/certs/mycert.pem;
        ssl_certificate_key /opt/janus/share/janus/certs/mycert.key;
}

2.5 Restart

2.5.1 restart Janus

View thread running Janus, the command is as follows

sudo netstat -ntlp | grep janus

The results are shown below

root@webrtc:~# sudo netstat -ntlp | grep janus
tcp        0      0 0.0.0.0:8188            0.0.0.0:*               LISTEN      1372/janus          
tcp6       0      0 :::8088                 :::*                    LISTEN      1372/janus          

Use the following command to end the process

sudo kill -9 1372

Note: 1372 found above the thread id

Then, start Janus, the command is as follows:

sudo /opt/janus/bin/janus -b --log-file=/opt/janus.log

2.5.2 restart Nginx

Use the following command to restart Nginx

sudo service nginx restart

Note: If no service command, self-install

2.5.3, the port situation after restart

Nginx port shown as follows:

root@webrtc:~# netstat -ntlp | grep nginx
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1471/nginx: master  
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      1471/nginx: master  
tcp6       0      0 :::80                   :::*                    LISTEN      1471/nginx: master

Janus port shown as follows:

root@webrtc:~# netstat -ntlp | grep janus
tcp        0      0 0.0.0.0:7188            0.0.0.0:*               LISTEN      1372/janus
tcp        0      0 0.0.0.0:7989            0.0.0.0:*               LISTEN      1372/janus
tcp        0      0 0.0.0.0:8188            0.0.0.0:*               LISTEN      1372/janus
tcp        0      0 0.0.0.0:8989            0.0.0.0:*               LISTEN      1372/janus
tcp6       0      0 :::7088                 :::*                    LISTEN      1372/janus
tcp6       0      0 :::7889                 :::*                    LISTEN      1372/janus
tcp6       0      0 :::8088                 :::*                    LISTEN      1372/janus
tcp6       0      0 :::8089                 :::*                    LISTEN      1372/janus

2.6 Use HTTPS access

Can be accessed through a browser, such as https://172.16.0.17 can see Nginx home, as shown in FIG.

If HTTPS access a "your link is not private link" or "your link is not safe", please refer to the "HTTPS browser access issues" article.

3. Problems and Solutions

3.1 Access Issues static resources

Demo Janus calling procedure's error, as shown below:

Solution
1, to modify /etc/nginx/conf.d/default.confthe configuration as follows:

** Note: ** increased static resource request process
2, then, restart nginx

3.2 calls Janus request appears CORS question (cross-domain)

Demo Janus calling procedure's error, as shown below:

Solution
1, through the reverse proxy Janus Nginx request, modify /etc/nginx/conf.d/default.confthe configuration as follows:

** Note: ** increased janus requests /janusand management requests /admina reverse proxy
2, then, restart nginx

4. References

Nginx configuration in detail
https://www.cnblogs.com/knowledgesea/p/5175711.html