Rfc5766-turn-server - how to enable the TLS and HTTP CONNECT method with it?

I have the following setup for rfc5766-turn-server, but I am still not sure how to enable TLS in turnserver.conf.

Any idea what's missing to make sure TLS is activated and what other related sources are missing?

# cat turnserver.conf
user=root:root
realm=x.x.x.x
#no-tls
#no-dtls
syslog
aux-server=x.x.x.x:80
aux-server=x.x.x.x:443

Problem: when the TURN client connects to the TURN server above with the following settings, the TURN session is closed automatically.

config: '{"iceServers":[{"urls":"stun:stun.l.google.com:19302"},        
         {"credential":"root","urls":"turn:root@XXXXX:443?transport=tcp"}], 
          "iceTransports":"relay"}';

NOTE: 443 TCP

or

config: '{"iceServers":[{"urls":"stun:stun.l.google.com:19302"},        
         {"credential":"root","urls":"turn:root@XXXXX:80?transport=tcp"}], 
          "iceTransports":"relay"}';

NOTE: 80 TCP

1 answer

I guess I approached the question a bit, hoping that this would help people who later stumble upon this question.

, TURN , flatfile/some db, turnserver ( turnadmin)

, ip XXXXX PPP ( , , , , , udp tcp, < 1024 )

turnconfig (turnconfig.conf):

listening-ip=XXXXX
tls-listening-port=PPP
cert=( certificate location)
pkey=( private key location)
lt-cred-mech
realm=someRealm
log-file=/var/tmp/turn.log
no-sslv2
no-sslv3

cmd : turnserver -v -c turnconfig.conf -o -u user:root

:

turnserver --tls-listening-port PPP -L XXXXX -r someRealm -a -o -v -n -u user:root -l '/var/tmp/turn.log' --no-sslv2 --no-sslv3 

.. NAT ( , Amazon EC2), field external-ip.

config ( RTCPeerConnection WebRTC):

config: {
            'iceServers':[
                {
                    'url': 'stun:stun.l.google.com:19302' 
                },
                {   
                    'url': 'turn:user@XXXXX:PPP?transport=udp',
                    'credential': 'root'
                },
                {   
                    'url': 'turn:user@XXXXX:PPP?transport=tcp',
                    'credential': 'root'
                }
            ]
    };

openssl:

openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 3001 -nodes
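Added example, not part of the original answer: RFC 7065 defines `turns:` as the URI scheme for TURN over TLS, while `turn:` with `transport=tcp` is plain TCP, so the client entry decides whether TLS is actually used. This sketch audits an `iceServers` list for that; `turn.example.test`, port 5349 and the function names are assumptions made for the example.

```javascript
// Added example: audit WebRTC iceServers entries for TLS use (RFC 7064/7065 URI syntax).
// Hosts and ports below are constructed placeholders (turn.example.test, 5349).
const DEFAULT_PORT = { stun: 3478, turn: 3478, stuns: 5349, turns: 5349 };

function parseIceUrl(url) {
  // scheme ":" [legacy user "@"] host [":" port] ["?transport=" udp|tcp]
  const m = /^(stuns?|turns?):(?:([^@]*)@)?(\[[^\]]+\]|[^:?]+)(?::(\d+))?(?:\?transport=(udp|tcp))?$/i.exec(url);
  if (!m) throw new Error(`not a STUN/TURN URI: ${url}`);
  const scheme = m[1].toLowerCase();
  const secure = scheme.endsWith('s');
  return {
    scheme,
    legacyUser: m[2] !== undefined,          // "user@" is not part of RFC 7065
    host: m[3],
    port: m[4] ? Number(m[4]) : DEFAULT_PORT[scheme],
    // turns: defaults to TCP (TLS); turn: defaults to UDP
    transport: (m[5] || (secure ? 'tcp' : 'udp')).toLowerCase(),
    tls: secure,
  };
}

function auditIceServers(config) {
  const findings = [];
  for (const server of config.iceServers) {
    // Accept both the legacy "url" key and the standard "urls" key.
    const urls = [].concat(server.urls || server.url || []);
    for (const u of urls) {
      const p = parseIceUrl(u);
      if (!p.scheme.startsWith('turn')) continue;   // only relay entries matter here
      const notes = [];
      if (!p.tls) notes.push(`plain ${p.transport.toUpperCase()}, no TLS: use turns: to reach the TLS listener`);
      if (p.legacyUser) notes.push('user@ in URI is legacy: pass "username" separately');
      findings.push({ url: u, tls: p.tls, port: p.port, notes });
    }
  }
  return findings;
}

// Constructed sample: one entry in the style of the answer, one using turns:.
const sample = { iceServers: [
  { url: 'turn:user@turn.example.test:5349?transport=tcp', credential: 'x' },
  { urls: 'turns:turn.example.test:5349?transport=tcp', username: 'user', credential: 'x' },
] };
console.log(JSON.stringify(auditIceServers(sample), null, 2));
```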

Source: https://habr.com/ru/post/1548596/

