rfc5766-turn-server - 如何启用TLS和HTTP CONNECT方法呢？

本文介绍了rfc5766-turn-server - 如何启用TLS和HTTP CONNECT方法呢？的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我有以下设置rfc5766-turn-server但我还不知道如何启用TLS在turnserver.conf？

I have this following setup for rfc5766-turn-server but i am not sure yet how to enable the TLS in turnserver.conf?

有什么想法，缺少什么来确保TLS被激活，还有什么相关的来源丢失？

Any idea what is missing to make sure TLS is activated and what else related sources are missing?

# cat turnserver.conf
user=root:root
realm=x.x.x.x
#no-tls
#no-dtls
syslog
aux-server=x.x.x.x:80
aux-server=x.x.x.x:443

问题：当TURN客户端与以下原语连接时，到TURN服务器上，然后有自动TURN会话关闭问题。

Problem: When TURN client connects with following primitives, to that above TURN server then there is auto TURN session close issue.

config: '{"iceServers":[{"urls":"stun:stun.l.google.com:19302"},        
         {"credential":"root","urls":"turn:root@XXXXX:443?transport=tcp"}], 
          "iceTransports":"relay"}';

注意：443 TCP

NOTE: 443 TCP

/ p>

config: '{"iceServers":[{"urls":"stun:stun.l.google.com:19302"},        
         {"credential":"root","urls":"turn:root@XXXXX:80?transport=tcp"}], 
          "iceTransports":"relay"}';

注意：80 TCP

推荐答案

我想我已经回答这个问题了，希望能帮助稍后会解决这个问题的人。

I guess I am answering the question bit late, hoping it would help the people who will stumble upon this question later on.

不认为你可以直接添加用户在TURN配置文件，一个单独的flatfile /一些数据库或部分命令启动 turnserver （或通过 turnadmin ）

I do not think you can add users in the TURN config files directly, either a seperate flatfile/ some db or part of command for starting turnserver ( or through turnadmin)

假设侦听ip是 XXXXX PPP （从我的理解，这个端口可以是任何你想要的，不管传输是 udp 还是 tcp ，如果你运行在端口< 1024你需要提高访问）

let assume listening ip is XXXXX and port PPP( from what I understand, this port can be whatever you want, irrespective of the transport being udp or tcp and the if you are running on port <1024 you are gonna need elevated access)

使用turnconfig文件（turnconfig.conf） p>

using turnconfig file(turnconfig.conf):

listening-ip=XXXXX
tls-listening-port=PPP
cert=( certificate location)
pkey=( private key location)
lt-cred-mech
realm=someRealm
log-file=/var/tmp/turn.log
no-sslv2
no-sslv3

启动cmd可以是 turnserver -v -c turnconfig.conf -o -u user：root

没有配置文件：

turnserver --tls-listening-port PPP -L XXXXX -r someRealm -a -o -v -n -u user:root -l '/var/tmp/turn.log' --no-sslv2 --no-sslv3

注意：托管在NAT之后（通常在Amazon EC2的情况下），需要另一个费用 external-ip 。

Note: is this is hosted behind NAT( usually in the case of Amazon EC2), another feild external-ip is required.

和config（在WebRTC应用程序上的RTCPeerConnection）是：

and config( of RTCPeerConnection on WebRTC app) is :

config: {
            'iceServers':[
                {
                    'url': 'stun:stun.l.google.com:19302' 
                },
                {   
                    'url': 'turn:user@XXXXX:PPP?transport=udp',
                    'credential': 'root'
                },
                {   
                    'url': 'turn:user@XXXXX:PPP?transport=tcp',
                    'credential': 'root'
                }
            ]
    };

以生成证书和私钥，可以使用 openssl ：

as for generating the certificate and private key, you can use openssl:

openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 3001 -nodes

这篇关于rfc5766-turn-server - 如何启用TLS和HTTP CONNECT方法呢？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！