Connecting via rtmps to Red5 server
Hi, I have been led to stunnel as the way to get a Flash application to communicate securely with Red5 server. Red5 doesn't directly support ssl connectivity but using rtmps protocol (rtmp tunnelled via https) clients should be able to connect to Red5 if stunnel handles the encrypted traffic on port 443 and passes unencrypted communications back and forth to the Red5 on a port it expects to receive rtmp communication.. (refer http://www.adobe.com/devnet/flashcom/articles/firewalls_proxy04.html) The log file I get when I attempt to talk rtmps is shown below 2007.04.25 18:19:04 LOG7[3932:3384]: New thread created 2007.04.25 18:19:04 LOG7[3932:3664]: https started 2007.04.25 18:19:04 LOG7[3932:3664]: FD 224 in non-blocking mode 2007.04.25 18:19:04 LOG7[3932:3664]: TCP_NODELAY option set on local socket 2007.04.25 18:19:04 LOG5[3932:3664]: https accepted connection from 127.0.0.1:1249 2007.04.25 18:19:04 LOG7[3932:3664]: FD 248 in non-blocking mode 2007.04.25 18:19:04 LOG7[3932:3664]: https connecting 127.0.0.1:1935 2007.04.25 18:19:04 LOG7[3932:3664]: connect_wait: waiting 10 seconds 2007.04.25 18:19:04 LOG7[3932:3664]: connect_wait: connected 2007.04.25 18:19:04 LOG5[3932:3664]: https connected remote server from 127.0.0.1:1250 2007.04.25 18:19:04 LOG7[3932:3664]: Remote FD=248 initialized 2007.04.25 18:19:04 LOG7[3932:3664]: TCP_NODELAY option set on remote socket 2007.04.25 18:19:04 LOG7[3932:3664]: SSL state (connect): before/connect initialization 2007.04.25 18:19:04 LOG7[3932:3664]: SSL state (connect): SSLv3 write client hello A 2007.04.25 18:24:04 LOG6[3932:3664]: init_ssl: s_poll_wait timeout 2007.04.25 18:24:04 LOG5[3932:3664]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket 2007.04.25 18:24:04 LOG7[3932:3664]: https finished (0 left) The stunnel.conf file has the following settings that pertain specifically to this situation client = yes [https] accept = 443 connect = 1935 What I seem to see (according to the logfile) is that an ssl connection is successfully established but no subsequent communication takes place after the connection has been made. At this point my Flash application doesn't send any messages via the ssl connection which seems to implicate my client as being the source of my problem. I would appreciate any advice on how I can best investigate this whole situation to resolve the issue. Regards, David Schulberg email: davids@evertech.com.au
David Schulberg wrote:
Red5 doesn’t directly support ssl connectivity but using rtmps protocol (rtmp tunnelled via https) clients should be able to connect to Red5 if stunnel handles the encrypted traffic on port 443 and passes unencrypted communications back and forth to the Red5 on a port it expects to receive rtmp communication..
(refer http://www.adobe.com/devnet/flashcom/articles/firewalls_proxy04.html)
So you have stunnel running on the server-side, awaiting SSL connections from the Flash application, right?
client = yes
in which case, you need to be running stunnel in server mode, i.e. without this line. HTH, Y.
OK that makes perfect sense to have client=no but in this case the SSL socket connection gets created only to shut itself down in 4 seconds. Why should this happen? 2007.04.26 07:21:44 LOG7[3568:2316]: connect_wait: waiting 10 seconds 2007.04.26 07:21:44 LOG7[3568:2316]: connect_wait: connected 2007.04.26 07:21:44 LOG5[3568:2316]: https connected remote server from 127.0.0.1:1360 2007.04.26 07:21:44 LOG7[3568:2316]: Remote FD=248 initialized 2007.04.26 07:21:44 LOG7[3568:2316]: TCP_NODELAY option set on remote socket 2007.04.26 07:21:48 LOG7[3568:2316]: SSL socket closed on SSL_read 2007.04.26 07:21:48 LOG7[3568:2316]: Socket write shutdown 2007.04.26 07:21:48 LOG5[3568:2316]: Connection closed: 0 bytes sent to SSL, 0 bytes sent to socket 2007.04.26 07:21:48 LOG7[3568:2316]: https finished (0 left) -----Original Message----- From: RUTSCHLE Yves [mailto:yves.rutschle@c-s.fr] Sent: Thursday, 26 April 2007 12:51 AM To: davids@evertech.com.au Cc: stunnel-users@mirt.net Subject: Re: [stunnel-users] Connecting via rtmps to Red5 server David Schulberg wrote:
Red5 doesn't directly support ssl connectivity but using rtmps protocol (rtmp tunnelled via https) clients should be able to connect to Red5 if stunnel handles the encrypted traffic on port 443 and passes unencrypted communications back and forth to the Red5 on a port it expects to receive rtmp communication..
(refer http://www.adobe.com/devnet/flashcom/articles/firewalls_proxy04.html)
So you have stunnel running on the server-side, awaiting SSL connections from the Flash application, right?
client = yes
in which case, you need to be running stunnel in server mode, i.e. without this line. HTH, Y.
participants (2)
-
David Schulberg -
RUTSCHLE Yves