Config Collinder error

[einsteinarbert]

Here is my constans.py

ICE_SERVER_OVERRIDE = [
  {
    "urls": [
      "stun:stun.l.google.com:19302"
    ]
  },
  {
    "urls": [
      "turn:my_ip_address:3478?transport=udp"
    ],
    "username": "my_account",
    "credential": "password"
  },
  {
    "urls": [
      "turn:my_ip_address:3479?transport=udp"
    ],
    "username": "my_account",
    "credential": "password"
  }
]

TURN_SERVER_OVERRIDE = [
  {
    "urls": "turn:my_ip_address:3478",
    "username": "my_account",
    "credential": "password"
  },
  {
    "urls": "stun:stun.l.google.com:19302"
  }
]

TURN_BASE_URL = 'http://my_url.com'
TURN_URL_TEMPLATE = '%s/turn?username=%s&key=%s'
CEOD_KEY = ''

ICE_SERVER_BASE_URL = 'http://my_url.com'
ICE_SERVER_URL_TEMPLATE = '%s/v1alpha/iceconfig?key=%s'
ICE_SERVER_API_KEY = os.environ.get('ICE_SERVER_API_KEY')

# Dictionary keys in the collider instance info constant.
WSS_INSTANCE_HOST_KEY = 'my_ip_address:8443'
WSS_INSTANCE_NAME_KEY = 'wsserver-std'
WSS_INSTANCE_ZONE_KEY = 'us-central1-a'
WSS_INSTANCES = [{
    WSS_INSTANCE_HOST_KEY: 'my_ip_address:8443',
    WSS_INSTANCE_NAME_KEY: 'wsserver-std',
    WSS_INSTANCE_ZONE_KEY: 'us-central1-a'
}, {
    WSS_INSTANCE_HOST_KEY: 'apprtc-ws-2.webrtc.org:443',
    WSS_INSTANCE_NAME_KEY: 'wsserver-std-2',
    WSS_INSTANCE_ZONE_KEY: 'us-central1-f'
}]

WSS_HOST_PORT_PAIRS = [ins[WSS_INSTANCE_HOST_KEY] for ins in WSS_INSTANCES]

When I run it, my apprtc return error:
WebSocket open error: WebSocket error.
So, I don't understand what keys mean:
WSS_INSTANCE_HOST_KEY: 'my_ip_address:8443',
WSS_INSTANCE_NAME_KEY: 'wsserver-std',
WSS_INSTANCE_ZONE_KEY: 'us-central1-a'
When I change to default in original code, it work but ONLY via Wifi, No mobile network working, I also run turnserver in port 3478 and collinder in 8443 with pem files.
So any one can tell me how to test collinder and turnserver config successfully for mobile connecting?

[einsteinarbert]

finnaly resolved problem:
https://stackoverflow.com/questions/55372070/anyone-success-in-config-collinder-for-apprtc/55520162#55520162

Just config ICE servers like this:

ICE_SERVER_OVERRIDE = [
    {
        "urls": [
        "stun:stun.l.google.com:19302"
        ]
    },
    {
        "urls": [
        "turn:my_ip_address:3478"
        ],
        "username": "my_account",
        "credential": "my_password"
    }
]

ICE_SERVER_BASE_URL = 'http://my_url.com'
ICE_SERVER_URL_TEMPLATE = '%s/v1alpha/iceconfig?key=%s'
ICE_SERVER_API_KEY = os.environ.get('ICE_SERVER_API_KEY')

and in /etc/turnserver.conf

cert=/root/cert.pem
pkey=/root/key.pem

listening-port=3478
tls-listening-port=5349

listening-ip=my_ip_address

relay-ip=my_ip_address
external-ip=my_ip_address

realm=my_web_address
server-name=my_web_address

#lt-cred-mech
userdb=/etc/turnuserdb.conf
oauth
user=my_account:my_password
no-stdout-log

Reson of error is: when I config "lt-cred-mech" authentication, It was failed.

So, I change it to "oauth": It Worked.

test Turn Server (Collinder) in this website:

https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/

# The result very fast (like sturn url of Google):
0.005	1	host	3868393361	udp	192.168.1.157	35353	126 | 30 | 255
0.006	1	host	891932622	udp	xxxx:xxxx:12c7:xxxx:247e:xxxx:3c18:xxxx	51606	126 | 40 | 255
0.009	1	srflx	842163049	udp	aa.bb.cc.dd	3341	100 | 30 | 255
0.062	1	relay	3031532034	udp	my_turn_ip_address	62030	2 | 30 | 255
0.105	Done
0.109

[EliosSs]

Hi @einsteinarbert how are you? ehmmm I am also trying to launch the AppRTC server, but I have some doubts. Maybe you can help me with some of those?
(1)first, how do you know the coturn server is listening on port 3478? I already installed coturn server, and I run it with the command:
turnserver -L 192.168.25.82 -a -f -r north.gov

But the difference is that I don't have a file called turnserver.conf in my /etc folder.

(2) second, ehmm regarding to th collider variables, if I am using the collider configurations placed in the collider repo to launch locally as a daemon.
Should I use the option that states "If using Google Cloud Engine VM's for Collider" and modifies the three constants into the file "contants.py" ? Or I just need to use the other option that just modifies the
"WSS_INSTANCE_HOST_KEY" variable?

I am just starting with all this google cloud stuff and there are some things that I don't understand quite well, sorry if some questions are stupid or something. My intention is not to waste your time, If you do not have enought time to answer my questions you can also tel me where to read about it.
I will appreciate your help alot!.

Regards.

Eliomar

[einsteinarbert]

1) turnserver config here, just start with no arg, it will read in config file: [root@ctr486333 ~]# cat /etc/turnserver.conf cert=/root/cert.pem pkey=/root/key.pem listening-port=3478 tls-listening-port=5349 listening-ip=my_ip_addr relay-ip=my_ip_addr external-ip=my_ip_addr realm=my_db_name server-name=my_ip_addr #lt-cred-mech userdb=/etc/turnuserdb.conf oauth user=my_user:passwd no-stdout-log 2) I think No need to run Collinder in Gcloud because I test ok in my server, BUT - I cannot add cert file to apprtc in google clound util now show just try using gcloud or not... If you run Collinder in local, you should edit apprtc constant.py: WSS_INSTANCE_HOST_KEY = 'your_collinder_addr:collinder_port' WSS_INSTANCE_NAME_KEY = 'wsserver-std' WSS_INSTANCE_ZONE_KEY = 'us-central1-a' WSS_INSTANCES = [{ WSS_INSTANCE_HOST_KEY: 'your_collinder_addr:collinder_port', WSS_INSTANCE_NAME_KEY: 'collinder-2', WSS_INSTANCE_ZONE_KEY: 'any-thing-02' }, { WSS_INSTANCE_HOST_KEY: 'admasterlife.com:collinder_port', WSS_INSTANCE_NAME_KEY: 'collinder-1', WSS_INSTANCE_ZONE_KEY: 'any-thing-01' }] Vào Th 2, 26 thg 8, 2019 vào lúc 09:38 Eliomar Conde < notifications@github.com> đã viết:

…

Hi @einsteinarbert <https://github.com/einsteinarbert> how are you? ehmmm I am also trying to launch the AppRTC server, but I have some doubts. Maybe you can help me with some of those? (1)first, how do you know the coturn server is listening on port 3478? I already installed coturn server, and I run it with the command: turnserver -L 192.168.25.82 -a -f -r north.gov But the difference is that I don't have a file called turnserver.conf in my /etc folder. (2) second, ehmm regarding to th collider variables, if I am using the collider configurations placed in the collider repo to launch locally as a daemon. Should I use the option that states "If using Google Cloud Engine VM's for Collider" and modifies the three constants into the file "contants.py" ? Or I just need to use the other option that just modifies the "WSS_INSTANCE_HOST_KEY" variable? I am just starting with all this google cloud stuff and there are some things that I don't understand quite well, sorry if some questions are stupid or something. My intention is not to waste your time, If you do not have enought time to answer my questions you can also tel me where to read about it. I will appreciate your help alot!. Regards. Eliomar — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#615?email_source=notifications&email_token=ACELXBAWCQVJGQNWHDOREQDQGM62JA5CNFSM4HAWHRMKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD5DDFAA#issuecomment-524694144>, or mute the thread <https://github.com/notifications/unsubscribe-auth/ACELXBGRHMQSDOTY3TFT6YDQGM62JANCNFSM4HAWHRMA> .

[EliosSs]

Wow, thanks for your fast answer @einsteinarbert . Ok I am already doing that you say.
I ran turnserver with no arguments. As I don't have the turnserver.conf in the /etc folder, thanks for passing me the config file, I will copy that.
I just noticed that precisely there is a warning that says:
" WARNING: Cannot find config file: turnserver.conf. Default and command-line settings will be used."

(2) Ok, so I am using the collider but running on my PC locally (no google cloud engine VM, I guess, right?)
it is basically the "WSS_INSTANCE_HOST_KEY" who takes the changes of the ip and collider port.
I will try this, can I come back if I have any other issue?

Again, thank you very much for your help.

[EliosSs]

Hey again @einsteinarbert . How are you? I hope you're well.
I wanted to thank you a lot for the help with the Coturn server. I placed a /etc/turnserver.conf as you told me.
Actually, this is my textual turnserver.conf file:

cert=/cert/cert.pem
pkey=/cert/key.pem

listening-port=3478
tls-listening-port=5349

listening-ip=192.168.25.82

relay-ip=192.168.25.82
external-ip=192.168.25.82

realm=north.gov
server-name=norht.gov

#lt-cred-mech
userdb=/etc/turnuserdb.conf
oauth
user=eliocon:041622740602
no-stdout-log

I suppose now that my coturn server is running 100% successfully because it is not yielding any warning and the only print outs thet it gives are:

$ sudo turnserver 
0: log file opened: /var/log/turn_18709_2019-08-27.log
0: Listener address to use: 192.168.25.82
0: Relay address to use: 192.168.25.82

(I run with sudo because it was throwing an error of creating a .pid file in root directories).

Ok, having said that.
(1) I am still having some problems, because after that, my AppRTC is just doing the same as beginning. NOTHING hahaha.

I run the command
$ dev_appserver.py --host=192.168.25.82 ./out/app_engine/

when I go to the website http://192.168.25.82:8080, it is just a complete grey screen, with no buttons or frames for the camera, and when I open the chrome console it says the following

GET http://192.168.25.82:8080/js/apprtc.debug.js net::ERR_ABORTED 404 (Not Found)
(index):159 Uncaught ReferenceError: AppController is not defined at initialize ((index):159)
    at (index):170

And in the console says:

INFO     2019-08-27 03:57:43,292 apprtc.py:95] Applying media constraints: {'video': {'optional': [{'minWidth': '1280'}, {'minHeight': '720'}], 'mandatory': {}}, 'audio': True}
WARNING  2019-08-27 03:57:43,306 apprtc.py:139] Invalid or no value returned from memcache, using fallback: null
INFO     2019-08-27 03:57:43,747 module.py:861] default: "GET / HTTP/1.1" 200 8384
INFO     2019-08-27 03:57:45,093 module.py:861] default: "GET /css/main.css HTTP/1.1" 304 -
INFO     2019-08-27 03:57:45,134 module.py:861] default: "GET /js/apprtc.debug.js HTTP/1.1" 404 -

I don't know why is that happening, that's the same error that I found in some post of the past, but no one says the solution. (some of the people just say that running it on localhost without the information of the ip will sole the problem, but the result is the same and I would like to use with other devices in my own local network).

I know the fact that getUserMedia() function does not run in a network without https, but how can I enable the https protocol for it? it is not automatic? my coturn and local collider are running with openssl certificates with all ok. I really don't know how I could fix this.

(2) One thing that I am realizing is that none program is trying to connect with my local collider server, because the log does not record anything and when I try to connect manually to the address e.g: https:192.168.25.82:443.

It says:

2019/08/27 00:34:52 http: TLS handshake error from 192.168.25.82:40646: remote error: tls: unknown certificate
2019/08/27 00:34:52 http: TLS handshake error from 192.168.25.82:40570: EOF
2019/08/27 00:34:52 http: TLS handshake error from 192.168.25.82:40572: EOF

I also don't know what does it means, but I suppose it is not a good thing.

This is related in some way to the error described above?

My variables inside the constants.py file related to the collider are the following:

# Dictionary keys in the collider instance info constant.
WSS_INSTANCE_HOST_KEY = '192.168.25.82:443'
WSS_INSTANCE_NAME_KEY = 'wsserver-std'
WSS_INSTANCE_ZONE_KEY = 'us-central1-a'
WSS_INSTANCES = [{
    WSS_INSTANCE_HOST_KEY: '192.168.25.82:443',
    WSS_INSTANCE_NAME_KEY: 'collider-2',
    WSS_INSTANCE_ZONE_KEY: 'any-thing-02'
}, {
    WSS_INSTANCE_HOST_KEY: '192.168.25.82:443',
    WSS_INSTANCE_NAME_KEY: 'collider-1',
    WSS_INSTANCE_ZONE_KEY: 'ant-thing-01'
}]

Just exactly as you suggested.

May I indicate something like "https://192.168.25.82:443" to indicate an https protocol textually?

As a last point, (3) in my code segment of constants.py corresponding to the TURN and STUN server I have the following:

ICE_SERVER_OVERRIDE  = [
  {
    "urls": [
      "turn:192.168.25.82:3478"
    ],
    "username": "eliocon",
    "credential": "041622740602"
  },
  {
    "urls": [
      "stun:192.168.25.82:3478"
    ]
  }
]

What does it means that you have the line "stun:stun.l.google.com:19302" instead of your own IP and the STUN/TURN server?
is not the TURN server supposed to be a STUN server too?

I think all the three things are related with the same, (I'm just guessing), I sated as three poins for better understanding. Sorry to fill you out with too many questions. it's just there is not much help in this repository anymore.
Once more time, thanks very much for all your help in advance.

Regards.

Eliomar

[einsteinarbert]

For testing turn server: https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/
You should compare google link or some turnserver's successful link with your turn server link
No need this link:

"stun:stun.l.google.com:19302"

do you have two config file for turnserver?

[root@ctr486333 ~]# ls /etc/turn
turnserver.conf  turnuserdb.conf
[root@ctr486333 ~]# cat !$
cat /etc/turnuserdb.conf
usrname:passwd

I can see you are using wrong SSL config, if your collinder run with https config, you must run apprtc in ssl mode

2019/08/27 00:34:52 http: TLS handshake error from 192.168.25.82:40646: remote error: tls: unknown certificate

For run apprtc test in ssl mode, run this command:
nohup /root/project/gooogleSDK/google-cloud-sdk/bin/dev_appserver.py --ssl_certificate_path /root/public.crt --ssl_certificate_key_path /root/key.pem --enable_host_checking false --dev_appserver_log_level debug --go_debugging true --host your_host.com --specified_service_ports default:552 /root/app_engine/ &
552 is http port and 553 is https port of your apprtc local, key.pem is RSA private key of your host, public.crt is your public cert file. Note that your Collinder must to use same two certs file above:
nohup /root/project/goWorkspace/bin/collidermain -tls=true -port=8443 -room-server=https://your_host.com &
Collinder cert file placed in:

 tree /root/project/goWorkspace/cert
/root/project/goWorkspace/cert
├── cert.pem
└── key.pem

content of cert.pem is same as public.crt file
using command for test port: netstat -tupln

[EliosSs]

The first time that I ran the coturn server with the /etc/turnserver.conf file I didn't have that file, it seems that the program created a /etc/turnuserdb.conf file by default to run. With this default file (this file does not have comprehensive data, I don't know why) the print-out in console was that one that I placed in the last message.
And example of that default turnuserdb.conf file that the program created is:

$cat /etc/turnuserdb.conf 
{���Y� format 3���@ �.��
> �
 �
  Y
�
 	�
�	��
�!!��_tableadmin_useradmin_user�CREATE TABLE admin_user (name varchar(32), realm varchar(127), password varchar(127), primary key (name))3���G������tableoauth_keyoauth_keyCREATE TABLE oauth_key (kid varchar(128),ikm_key varchar(256),timestamp bigint default 0,lifetime integer default 0,as_rs_alg varchar(64) default '',realm varchar(127) default '',primary key (kid))1��E��indexsqlite_autoindex_oauth_key_1oauth_key�+
                                                               �//��tableturn_realm_optionturn_realm_option
                                    CREATE TABLE turn_realm_option (realm varchar(127) default '',	opt varchar(32),	value varchar(128),	primary key (realm,opt))A

Now I deleted that turnuserdb.conf file and I created a new one with the ino that you say there and the output is this:

0: log file opened: /var/log/turn_5545_2019-08-28.log
0: Listener address to use: 192.168.25.82
0: Relay address to use: 192.168.25.82
1: ERROR: Error retrieving SQLite DB information: file is not a database

I suppose this error message is not good and I should keep the default file right? Or what should I do?

[einsteinarbert]

oh maybe my mistake, but let's show me your */etc/turnserver.conf* file, this file should be created manually. And checking corturn server via web: https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/ my /etc/turnuserdb.conf file only have info: *usrname:passwd *That I created by myself, and config in /*etc**/turnserver.conf *like my reply above :)

…

On Thu, Aug 29, 2019, 10:34 Eliomar Conde ***@***.***> wrote: The first time that I ran the coturn server with the */etc/turnserver.conf* file I didn't have that file, it seems that the program created a */etc/turnuserdb.conf* file by default to run. With this default file (this file does not have comprehensive data, I don't know why) the print-out in console was that one that I placed in the last message. And example of that default turnuserdb.conf file that the program created is: $cat /etc/turnuserdb.conf {���Y� format 3���@ �.�� > � � Y � � � �� �!!��_tableadmin_useradmin_user�CREATE TABLE admin_user (name varchar(32), realm varchar(127), password varchar(127), primary key (name))3���G������tableoauth_keyoauth_keyCREATE TABLE oauth_key (kid varchar(128),ikm_key varchar(256),timestamp bigint default 0,lifetime integer default 0,as_rs_alg varchar(64) default '',realm varchar(127) default '',primary key (kid))1��E��indexsqlite_autoindex_oauth_key_1oauth_key�+ �//��tableturn_realm_optionturn_realm_option CREATE TABLE turn_realm_option (realm varchar(127) default '', opt varchar(32), value varchar(128), primary key (realm,opt))A Now I deleted that turnuserdb.conf file and I created a new one with the ino that you say there and the output is this: 0: log file opened: /var/log/turn_5545_2019-08-28.log 0: Listener address to use: 192.168.25.82 0: Relay address to use: 192.168.25.82 1: ERROR: Error retrieving SQLite DB information: file is not a database I suppose this error message is not good and I should keep the default file right? Or what should I do? — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#615?email_source=notifications&email_token=ACELXBC4OX7M7CTBJSW7Z4DQG47VVA5CNFSM4HAWHRMKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD5NDU2Y#issuecomment-526006891>, or mute the thread <https://github.com/notifications/unsubscribe-auth/ACELXBCHXEQ53432U72TAJ3QG47VVANCNFSM4HAWHRMA> .

[EliosSs]

Regarding to the tests of the STUN and TURN server, I tested my STUN/TURN server and obtained the following results:

Running the command $ sudo turnserver -X 186.214.68.214/192.168.25.82 (To indicate that the turn server is running through a NAT.

the STUN server stun:192.168.25.82:3478

the STUN google server "stun:stun.l.google.com:19302"

The TURN server turn:192.168.25.82:3478 [username:password]

A TURN server called turn:numb.viagenie.ca [webrtc@live.com:muazkh]

According to the similarity of the STUN's and TURN's tests I can say that my STUN/TURN server is successfully working, right?.

(1) However, I just have one curiosity. Do you know why when I shut down the STUN server and run the trickle the result is quite similar to the google STUN server, with the difference of the public IP.

Another thing is, if I run the turnserver command withouth the -X argument, that is, $ sudo turnserver -L 192.168.25.82 -a -f (without a public IP)

And I run the trickle, the result is almost the same of the one with the STUN server down, except for the last timestamp. But well, I guess this is not too much important.

Let's go to what really matters
I ran the command almost exactly as you told me, except for the ssl files and the port, the command is:

$dev_appserver.py --ssl_certificate_path /cert/cert.pem --ssl_certificate_key_path /cert/key.pem --enable_host_checking false --dev_appserver_log_level debug --go_debugging true --host=192.168.25.82 --specified_service_ports default:12345 ./out/app_engine/

Due to the debug argument, I will place only the important results, the apprtc initialized ok, but when
went to the site http://192.168.25.82:

Initialization

INFO     2019-08-29 05:18:09,002 api_server.py:275] Starting API server at: http://localhost:36245
INFO     2019-08-29 05:18:09,200 dispatcher.py:256] Starting module "default" running at: http://192.168.25.82:12345 and https://192.168.25.82:12346
INFO     2019-08-29 05:18:09,203 admin_server.py:150] Starting admin server at: http://localhost:8000

the error:

Exception in thread WSGI select:
Traceback (most recent call last):
  File "/usr/lib/python2.7/threading.py", line 801, in __bootstrap_inner
    self.run()
  File "/usr/lib/python2.7/threading.py", line 754, in run
    self.__target(*self.__args, **self.__kwargs)
  File "/home/eliomarconde/Documents/Elio/Software/google-cloud-sdk/platform/google_appengine/google/appengine/tools/devappserver2/wsgi_server.py", line 166, in _loop_forever
    self._select()
  File "/home/eliomarconde/Documents/Elio/Software/google-cloud-sdk/platform/google_appengine/google/appengine/tools/devappserver2/wsgi_server.py", line 188, in _select
    fd_to_callback[fd]()
  File "/home/eliomarconde/Documents/Elio/Software/google-cloud-sdk/platform/google_appengine/lib/cherrypy/cherrypy/wsgiserver/wsgiserver2.py", line 1902, in tick
    s, ssl_env = self.ssl_adapter.wrap(s)
  File "/home/eliomarconde/Documents/Elio/Software/google-cloud-sdk/platform/google_appengine/lib/cherrypy/cherrypy/wsgiserver/ssl_builtin.py", line 52, in wrap
    keyfile=self.private_key, ssl_version=ssl.PROTOCOL_SSLv23)
  File "/usr/lib/python2.7/ssl.py", line 949, in wrap_socket
    ciphers=ciphers)
  File "/usr/lib/python2.7/ssl.py", line 617, in __init__
    self.do_handshake()
  File "/usr/lib/python2.7/ssl.py", line 846, in do_handshake
    self._sslobj.do_handshake()
SSLError: [SSL: SSLV3_ALERT_CERTIFICATE_UNKNOWN] sslv3 alert certificate unknown (_ssl.c:727)

and the chrome web browser says:
This site can’t be reached 192.168.25.82 took too long to respond.

Apparently, a ssl error is still present. because in the console of the collider server this message appears again.

2019/08/29 02:25:49 http: TLS handshake error from 192.168.25.82:50634: EOF
2019/08/29 02:26:27 http: TLS handshake error from 192.168.25.82:51224: EOF

I am using the same ssl files, maybe is because I need to use other ssl files? cert.pem and key.pem?
I was looking in the internet for related errors or something and I didn't found anything. have you ever seen that error?

Again, I appreciate a lot your help, I think I have advanced more these days than the last weeks. Excuse to waste your time =(.

Thanks very much in advance.

Eliomar.

[EliosSs]

You're here =).

My turnserver.conf file is the following:

cert=/cert/cert.pem
pkey=/cert/key.pem

listening-port=3478
tls-listening-port=5349

listening-ip=192.168.25.82

relay-ip=192.168.25.82
external-ip=192.168.25.82

realm=north.gov
server-name=norht.gov

#lt-cred-mech
userdb=/etc/turnuserdb.conf
oauth
user=eliocon:041622740602
no-stdout-log

and yes, I created mannually based on yours.

[einsteinarbert]

Does your ssl file valid? I bought SSL cert with my domain and VPS, Note that manual create SSL file by openssl command maybe error invalid ssl. If you don't using ssl, just run collinderman and turnserver in no-ssl mode by read the manual page: $GOPATH/bin/collidermain -port=port_num -tls=false and remove tls config in /etc/turnserver.conf P/S must to remove sturn server of Google from constant.py in APPRTC because result of testing will be could not recognize I known read the main page of apprtc and my comment is too hard to find the right error. But please try more and more :D

[einsteinarbert]

P/S Do you rebuild apprtc with only default config in constant.py and test does it work? find all topic written by me (hieu19926@gmail.com, einsteinarbert) about Apprtc and find the way to successfully. good luck.

…

[EliosSs]

Hey einstain. ok ok. I am going to do those tests that you say. Yes I built the apprtc with the new constant.py modifications and the behaviour was the same.Thanks very much for your help.

Certainly I am using ssl certificates created by using openssl. But ideally that shoud not b a problem right?

Again, thanks A LOT for your help. I will be looking for a solution and I'll tell you.

[einsteinarbert]

no, i use my website's ssl when i bought domain, if you don't have valid ssl(not create by openssl), just config for non-ssl but only chrome will run ok, android cannot run without valid ssl

…

On Sun, Sep 1, 2019, 11:40 Eliomar Conde ***@***.***> wrote: Hey einstain. ok ok. I am going to do those tests that you say. Yes I built the apprtc with the new constant.py modifications and the behaviour was the same.Thanks very much for your help. Certainly I am using ssl certificates created by using openssl. But ideally that shoud not b a problem right? Again, thanks A LOT for your help. I will be looking for a solution and I'll tell you. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#615?email_source=notifications&email_token=ACELXBDPXYB2BU2UNYQT5NTQHNBVJA5CNFSM4HAWHRMKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD5T2JCQ#issuecomment-526886026>, or mute the thread <https://github.com/notifications/unsubscribe-auth/ACELXBACCD35LRT6P3HW3TTQHNBVJANCNFSM4HAWHRMA> .

[EliosSs]

ahh ok ok, but your local tests you did without ssl? it's because for the moment I just need to use the apprtc in the local network for my own devices. And I have read that getUserMedia() function does not work without localhost if it does not use https protocol. I even did some tests in the codelab and it is right, without ssl I can't acceed to media devices

[einsteinarbert]

yes of course, It will work without ssl in local network

…

On Sun, Sep 1, 2019, 12:09 Eliomar Conde ***@***.***> wrote: ahh ok ok, but your local tests you did without ssl? it's because for the moment I just need to use the apprtc in the local network for my own devices. And I have read that getUserMedia() function does not work without localhost if it does not use https protocol — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#615?email_source=notifications&email_token=ACELXBF4RVTBJ6JVYJPTGBTQHNFA3A5CNFSM4HAWHRMKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD5T2Q5Q#issuecomment-526887030>, or mute the thread <https://github.com/notifications/unsubscribe-auth/ACELXBAPUNRPNV32H2PZM7LQHNFA3ANCNFSM4HAWHRMA> .

[EliosSs]

Ok, I already tested in no-tls mode and localhost, with the command of the collider as you told me.

$GOPATH/bin/collidermain -port=port_num -tls=false

My new turnserver.conf file is the following

#cert=/cert/cert.pem
#pkey=/cert/key.pem

listening-port=3478
#tls-listening-port=5349
no-tls
no-dtls

listening-ip=192.168.25.82
listening-ip=localhost

relay-ip=192.168.25.82
external-ip=179.186.57.226/192.168.25.82

realm=north.gov
server-name=north.gov

#lt-cred-mech
userdb=/etc/turnuserdb.conf
oauth
user=eliocon:041622740602
#no-stdout-log

changed the constants.py section:

ICE_SERVER_OVERRIDE  = [
  {
    "urls": [
      "turn:localhost:3478"
    ],
    "username": "eliocon",
    "credential": "041622740602"
  },
  {
    "urls": [
      "stun:localhost:3478"
    ]
  }
]

ICE_SERVER_BASE_URL = 'https://networktraversal.googleapis.com'
ICE_SERVER_URL_TEMPLATE = '%s/v1alpha/iceconfig?key=%s'
ICE_SERVER_API_KEY = os.environ.get('ICE_SERVER_API_KEY')

# Dictionary keys in the collider instance info constant.
WSS_INSTANCE_HOST_KEY = 'localhost:8089'
WSS_INSTANCE_NAME_KEY = 'wsserver-std'
WSS_INSTANCE_ZONE_KEY = 'us-central1-a'
WSS_INSTANCES = [{
    WSS_INSTANCE_HOST_KEY: 'localhost:8089',
    WSS_INSTANCE_NAME_KEY: 'collider-2',
    WSS_INSTANCE_ZONE_KEY: 'any-thing-02'
}, {
    WSS_INSTANCE_HOST_KEY: 'localhost:8089',
    WSS_INSTANCE_NAME_KEY: 'collider-1',
    WSS_INSTANCE_ZONE_KEY: 'ant-thing-01'
}]

Then I launch the collider server and the TURN server. As last I launch the apprtc with the command.

dev_appserver.py ./out/app_engine/

when I go to http://localhost:8080 I get the same output that I described some messages above.
The screen stays green and the browser console says the following:

GET http://localhost:8080/js/apprtc.debug.js 404 (Not Found)
(index):159 Uncaught ReferenceError: AppController is not defined at initialize at (index):170

This is the error described in some other issues in this repo like #426 and I am facing this error since I started trying to use apprtc.

No one has given an answer to this. Have you ever faced this error?. I am a bit frustrated, it can't be that I can't launch apprtc not even in localhost mode. =(

[einsteinarbert]

does collinder log same error?

did you install websocket python library into collinder before you build collinderman ?

[EliosSs]

Now collider does not log anything.
I am not sure, i will check that righ now, but when I installed collider I didn't throw any error of a required library.

Ok, after checking the websocket library, aparently I did not have the websocket library. I already installed using pip

$pip install --user websocket

with a last message that says

Successfully installed gevent-1.4.0 greenlet-0.4.15 websocket-0.2.1

Confirmin the installation of that and the dependency packages, I will reinstall collidermain and test.

I also wanted to ask another thing, it is possible that my problem is related to the fact that when I run the command $grunt build

I have to run with --force parameter because it throwsthe following warning exception

Warning: Exception in thread "main" java.lang.UnsupportedClassVersionError: com/google/javascript/jscomp/CommandLineRunner : Unsupported major.minor version 52.0
	at java.lang.ClassLoader.defineClass1(Native Method)
	at java.lang.ClassLoader.defineClass(ClassLoader.java:791)
	at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
	at java.net.URLClassLoader.defineClass(URLClassLoader.java:449)
	at java.net.URLClassLoader.access$100(URLClassLoader.java:71)
	at java.net.URLClassLoader$1.run(URLClassLoader.java:361)
	at java.net.URLClassLoader$1.run(URLClassLoader.java:355)
	at java.security.AccessController.doPrivileged(Native Method)
	at java.net.URLClassLoader.findClass(URLClassLoader.java:354)
	at java.lang.ClassLoader.loadClass(ClassLoader.java:423)
	at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308)
	at java.lang.ClassLoader.loadClass(ClassLoader.java:356)
	at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:480)
 Used --force, continuing.

and it finalizes with the message

Done, but with warnings.

I placed a similar topic some weeks ago for the error in this link but no one has given an answer to this, the link is this #635 in case that you have time to check it.

It can be related to this too? I will go deeper in this problem, and try to solve all of this. I will be reporting to you my advances.

Thanks a lot again.

[EliosSs]

Ok ok apparently it was related with the warning at the moment to run the command $grunt build

The problem was that I was using Java 11 and I had to down to Java 8. It then built with grunt without any warnings. Now I am able to see myself through the webcam in localhost mode on the http://localhost:8080.

It is still giving me this error:

Messages:  
WebSocket open error: WebSocket error.
WebSocket register error: WebSocket error.

in the https://localhost:8080 web site screen, but now at least I can open the webcam and I am already looking for a solution to that websocket problem. I guess it has to be with the collider server,
I alse will be updating here to have a record of the issues for other people who may present the same problems.

Regards.

[EliosSs]

Ok, as I told you I notify here my progress, after installing Java 8 I was presenting the error above, and in the browser console was the error ERR_SSL_PROTOCOL_ERROR.

I managed this disabling the tls mode on the collider server running the command

./bin/collidermain -port=8089 -tls=false

disabling TLS mode in the turnserver (through no-tls argument) All as you suggested to me, thanks very much for this

and running the link localhost:8080/?wstls=false with the last part indicating that the tls is disabled.

The apprtc server was operating normally in the localhost mode.

Now the challenge is to enable the https mode and hence the network mode (outside localhost mode).

Again, thanks very much for your help.

[einsteinarbert]

I run successfully on https in develope mode but when open again the apprtc server failed along bigquery error, so I deployed on google cloud but I can't find the way to add cert file to my deployed apprtc. Google is so suck @@

[EliosSs]

Awww, don't worry you will manage it!. I will be trying the same, to test it in https mode.
If you want I can share with you if I achieve a good operation, by this means or another, and see if I can return the favor. =)

[einsteinarbert]

yeah, Let's deploy on google cloud

…

On Mon, Sep 2, 2019, 21:31 Eliomar Conde ***@***.***> wrote: Awww, don't worry you will manage it!. I will be trying the same, to test it in https mode. If you want I can share with you if I achieve a good operation, by this means or another, and see if I can return the favor. =) — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#615?email_source=notifications&email_token=ACELXBDLK3GNXZX4BLTAQZLQHUPVBA5CNFSM4HAWHRMKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD5V7HFA#issuecomment-527168404>, or mute the thread <https://github.com/notifications/unsubscribe-auth/ACELXBCVGTPX6SET6N5PAF3QHUPVBANCNFSM4HAWHRMA> .

[einsteinarbert]

Hey bro,
I found that you must run apprtc on website which has ssl same as
ssl of collider to successfully SSL hand shake.
But when you deploy on Gcloud in domain your_project.appspot.com, your
apprtc will has ssl of *.appspot.com that you will never be able to connect to
your collider in your own website. It's SO FUNNY.
The collider will show that error:
remote error: tls: unknown certificate

[EliosSs]

My case is the following, in the local mode of apprtc, I am trying to deploy it with the same SSL certificate that the collider has but I am not having success.
Even with a different certificate than the one that uses the collider, for both cases it throws the error
of SSL: SSLV3_ALERT_CERTIFICATE_UNKNOWN that I tod you some messages above.

I was reading some documentation about that error, it seems to be that my local apprtc server does not like or isn't able to read or interact with certificates that are not of that type or version, I suppose some of those things can be modified with deeper knowledge of the code, that I don't have for the moment. Or with the use of other tools like apache, node or something.

Did you manage it to run locally with the same ssl of collider's server?

[einsteinarbert]

ohh, your collider cert.pem file must contain full ssl public and private key like this: -----BEGIN CERTIFICATE----- ......... -----END CERTIFICATE----- -----BEGIN RSA PRIVATE KEY----- ......... -----END RSA PRIVATE KEY----- and in key.pem file: -----BEGIN RSA PRIVATE KEY----- ......... -----END RSA PRIVATE KEY----- P/S SSl of collider must same as SSL certificate in apprtc file and all of them must be valid (you should buy them instead of create by openssl)

…

On Wed, Sep 4, 2019, 10:55 Eliomar Conde ***@***.***> wrote: My case is the following, in the local mode of apprtc, I am trying to deploy it with the same SSL certificate that the collider has but I am not having success. Even with a different certificate than the one that uses the collider, for both cases it throws the error of *SSL: SSLV3_ALERT_CERTIFICATE_UNKNOWN* that I tod you some messages above. I was reading some documentation about that error, it seems to be that my local apprtc server does not like or isn't able to read or interact with certificates that are not of that type or version, I suppose some of those things can be modified with deeper knowledge of the code, that I don't have for the moment. Or with the use of other tools like apache, node or something. Did you manage it to run locally with the dame ssl of collider's server? — You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub <#615?email_source=notifications&email_token=ACELXBB5A3YSF7W3DLZEAXDQH4WSTA5CNFSM4HAWHRMKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD52IASY#issuecomment-527728715>, or mute the thread <https://github.com/notifications/unsubscribe-auth/ACELXBFIM3TXHNHP6GCM3KTQH4WSTANCNFSM4HAWHRMA> .

[EliosSs]

Yeah, I understand that, it's just I would like to do more tests before buying something. I guess I will have to do that to keep testing. It's just that in the future I am pretty sure that I may not use google for what I need to do with apprtc.

In addition to that I guest that ssl problem may be something related with the server coded or maybe the tool used to launch it (dev_appserver.py) because I already have a demo (much less elaborated of course) running with a self-signed certifcate.

But yeah I guess I will have to do that.

[einsteinarbert]

The google-cloud-sdk dev_appengine.py use to run apprtc, therefore Do we run without it or maybe we must to re-create our apprtc room server !!

…

[EliosSs]

Hey again @einsteinarbert ! how are you? I am here again, einstein I wanted to ask to you, are you running your apprtc app in gcloud, right?

[einsteinarbert]

Yes, but I'm confusing that we commented here too much is not good, please email me directly: hieu19926@gmail.com

…