Highlighted

Adobe Connect 10.8 ACTS SSL - Issue

New Here ,
Jun 22, 2020

Copy link to clipboard

Copied

I have installed Adobe connect Server 10.8 and Adobe Connect Transmuxing Service on separate Windows 2019 Servers. Without enabling SSL, I can connect to meeting via HTML5 & Adobe Connect Client without any issues.

I enabled SSL as per the the SSL guides http://blogs.adobe.com/connectsupport/files/2016/04/Connect-SSL-Guide.pdf & https://blogs.adobe.com/connectsupport/adobe-connect-10-1-switch-the-default-acts-service-protocol-f...

After that I am unable to connect meeting via HTML5 & Adobe Connect Client, I am getting error "Preparing Room" in HTML5 and "connecting " error in Adobe Connect Client.

I think, it may be SSL certificate issue, can anyone help me to create .pem & .key certificates using Stunnel.

Thanks in advance.

 

Views

1.8K

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

Adobe Connect 10.8 ACTS SSL - Issue

New Here ,
Jun 22, 2020

Copy link to clipboard

Copied

I have installed Adobe connect Server 10.8 and Adobe Connect Transmuxing Service on separate Windows 2019 Servers. Without enabling SSL, I can connect to meeting via HTML5 & Adobe Connect Client without any issues.

I enabled SSL as per the the SSL guides http://blogs.adobe.com/connectsupport/files/2016/04/Connect-SSL-Guide.pdf & https://blogs.adobe.com/connectsupport/adobe-connect-10-1-switch-the-default-acts-service-protocol-f...

After that I am unable to connect meeting via HTML5 & Adobe Connect Client, I am getting error "Preparing Room" in HTML5 and "connecting " error in Adobe Connect Client.

I think, it may be SSL certificate issue, can anyone help me to create .pem & .key certificates using Stunnel.

Thanks in advance.

 

Views

1.8K

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Jun 22, 2020 0
Adobe Community Professional ,
Jun 23, 2020

Copy link to clipboard

Copied

You should be able to create the PEM and KEY files with the same process you used for the Application (HTTPS) and Media (RTMPS) servers. It would just be for a new FQDN that is specific to the ACTS server(s).

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 23, 2020 0
New Here ,
Jun 24, 2020

Copy link to clipboard

Copied

Thanks for your prompt reply.

Please see my installations and configurations for your reference. Pls let me know where I am wrong.

  1. Server name: actssrv
  2. Selected products: Adobe Connect Server and Adobe Connect Transmuxing Service
  3. Account Name: application
  4. Adobe Connect Host: application.testlab.com
  5. ACTS Host Name: actssrv
  6. ACTS web socket protocol: wss
  7. ACTS Host Name: actssrv
  8. ACTS External Host Name: application.testlab.com
  1. First, I installed Adobe Connect and ACTS on a Windows 2019 server with 3 NICs and assigned 3 IP to each NIC. For example: 192.168.10.100, 192.168.100.101, 192.168.100.102
  2. I created A record in the DNS server: application.testlab.com  192.168.100.100 meeting.testlab.com  192.168.100.101 acts.testlab.com  192.18.100.102
  3. Installed stunnel in c:\connect\stunnel directory and created certs folder in this path.
  4. Then generated 3 certificates using stunnel with these commands:
    • openssl req -new -newkey rsa:2048 -days 365 -nodes -keyout applicationkey.pem -out applicationcert.pem
    • openssl req -new -newkey rsa:2048 -days 365 -nodes -keyout meetingkey.pem -out meetingcert.pem
    • openssl req -new -newkey rsa:2048 -days 365 -nodes -keyout actskey.pem -out actscert.pem
  5. Copied 3 set of keys to c:\connect\stunnel\certs.
  6. stunnel.conf:

; Protocol version (all, SSLv2, SSLv3, TLSv1)

 

; we want TLS1, TLS1.1 and TLS1.2 active, so set =all and then say "not SSLv2, SSLv3" sslVersion = all

options = NO_SSLv2 options = NO_SSLv3

options = DONT_INSERT_EMPTY_FRAGMENTS options = CIPHER_SERVER_PREFERENCE

renegotiation=no fips = no

;Some performance tunings:

socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1 TIMEOUTclose=0

; application server SSL / HTTPS [https-vip]

accept = 192.168.10.100:443

connect = 127.0.0.1:8443

cert = C:\Connect\stunnel\certs\ applicationcert.pem

key = C:\Connect\stunnel\certs\ applicationkey.pem

;configure ciphers as per your requirement and client support.

;this should work for most:

ciphers = TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!3DES

; meeting SSL / RTMPS [rtmps-vip]

accept = 192.168.10.101:443

connect = 127.0.0.1:1935

cert = C:\Connect\stunnel\certs\ meetingcert.pem

key = C:\Connect\stunnel\certs\ meetingkey.pem

;configure ciphers as per your requirement and client support.

;this should work for most:

ciphers = TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!3DES

;ACTS (WSS):

; Protocol version (all, SSLv2, SSLv3, TLSv1) sslVersion = all

options = NO_SSLv2

options = NO_SSLv3

; Some performance tunings socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1 TIMEOUTclose=0

options = DONT_INSERT_EMPTY_FRAGMENTS

[acts]

; accept = ACTS IP:443 accept = 192.168.10.102:443

; When stunnel is on the same box, simply leave the below IP address as 127.0.0.1 connect = 127.0.0.1:9002

; Certificate information for Connect Meetings.

; This assumes you put the cert and key in the root folder of stunnel

;cert = CertificateNameHere.pem

;key = CerificateKeyNameHere.pem

cert = C:\Connect\stunnel\certs\ actscert.pem

key = C:\Connect\stunnel\certs\ actskey.pem

; ciphers = ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH ciphers = ALL:!AECDH:!ADH:!LOW:!EXP:!MD5:@STRENGTH

 

Added these lines in custom.ini:

ADMIN_PROTOCOL=https:// SSL_ONLY=yes

RTMP_SEQUENCE=rtmps://external-host:443/?rtmp://localhost:8506/

ACTS_PROTOCOL=wss:443

 

Uncommented these lines in server.xml file:

<Connector port="8443" protocol="HTTP/1.1" executor="httpsThreadPool" enableLookups="false"

acceptCount="250"

connectionTimeout="20000" SSLEnabled="false"

scheme="https" secure="true" proxyPort="443" URIEncoding="utf-8"/>

 

<Executor name="httpsThreadPool" namePrefix="https-8443-" maxThreads="350" minSpareThreads="25"/>

 

In Adobe Connect server "Sever setting" I entered meeting.testlab.com in hostmaping (external).

 

 

 

 

 

 

 

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 24, 2020 0
Adobe Community Professional ,
Jun 24, 2020

Copy link to clipboard

Copied

Maybe it's just a text formatting issue when you pasted here, but the two things I see to adjust are:

custom.ini text

 

Current: 

ADMIN_PROTOCOL=https:// SSL_ONLY=yes

RTMP_SEQUENCE=rtmps://external-host:443/?rtmp://localhost:8506/

ACTS_PROTOCOL=wss:443

Change to:

ADMIN_PROTOCOL=https://

SSL_ONLY=yes

RTMP_SEQUENCE=rtmps://external-host:443/?rtmp://localhost:8506/

ACTS_PROTOCOL=wss:443

stunnel.conf text

 

Current:

[acts]

; accept = ACTS IP:443 accept = 192.168.10.102:443

; When stunnel is on the same box, simply leave the below IP address as 127.0.0.1 connect = 127.0.0.1:9002

; Certificate information for Connect Meetings.

Change to:

[acts]

; accept = ACTS IP:443

accept = 192.168.10.102:443

; When stunnel is on the same box, simply leave the below IP address as 127.0.0.1 connect = 127.0.0.1:9002

 

The stunnel.conf looks to be your culpriate as the connection string looks commented out for WSS over 443. The custom.ini could be an issue, but is more likely just a formatting/useability issue.

; Certificate information for Connect Meetings.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 24, 2020 0
New Here ,
Jun 24, 2020

Copy link to clipboard

Copied

Thanks for your prompt response.

It's a copy / paste issue here. In my conf, it is fine as you mentioned. Anything else needs to be changed in my config because issue still persists.

 

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 24, 2020 0
Adobe Community Professional ,
Jun 25, 2020

Copy link to clipboard

Copied

If you have the developer console open (F12 in most browsers) are you seeing any errors when trying to open the HTML version of the room and the application hangs at Preparing Room?

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 25, 2020 0
New Here ,
Jun 27, 2020

Copy link to clipboard

Copied

Sorry for the late reply.

 

I am getting the follwoing error in the developer console :

Chrome :

WebSocket connection to 'wss://application.testlab.com/' failed: WebSocket is closed before the connection is established.
Client: An error occured, see console log for more details.

Firefox :
Client: The connection to wss://application.testlab.com/ was closed. [1006]
A connection to wss://application.testlab.com/ has been closed by the client.
Firefox can’t establish a connection to the server at wss://application.testlab.com/.

 

I am getting the following error in stunnel log :

Service [https-vip] accepted connection from 192.168.100.100:65383

s_connect: connected 127.0.0.1:8443

Service [https-vip] connected remote server from 127.0.0.1:65513

transfer: s_poll_wait: TIMEOUTclose exceeded: closing

Connection closed: 263 byte(s) sent to TLS, 590 byte(s) sent to socket

 

 

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 27, 2020 0
New Here ,
Jul 03, 2020

Copy link to clipboard

Copied

Hi

I have exactly the same problem and installed Adobe for a couple of times. Also I have tried installing Transmuxing service over and over and also have tried the following links.

Bad news is I still have the sam 302 error and won't load the meeting room in HTML5.

Can anyone help?

https://helpx.adobe.com/adobe-connect/kb/configure-ports-1935-443-80.html#:~:text=By%20default%2C%20...https://blogs.adobe.com/connectsupport/registering-acts-servers-in-connect-10-x/

https://blogs.adobe.com/connectsupport/adobe-connect-10-1-switch-the-default-acts-service-protocol-f...

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jul 03, 2020 0
New Here ,
Jul 03, 2020

Copy link to clipboard

Copied

I have the same problem and the meetings cannot open in HTML5 mode.

the following error repeats for 60 times and at the end it says the meeting room could not connect to adobe connect server.

It is worth mentioning that everything is ok if I connect to the meeting room through Adobe applicaiton.

error of the console is as follows:

/common/meetinghtml/2605d82d2ee9c716c0e0.worker.js:1 WebSocket connection to 'wss://adobe.dXX.com/' failed: Error during WebSocket handshake: Unexpected response code: 302

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jul 03, 2020 0
Adobe Community Professional ,
Jul 09, 2020

Copy link to clipboard

Copied

It wouldn't hurt to contact the Connect Support team to see if they have any input.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jul 09, 2020 0