msgbartop
Various ramblings-on, mostly about Red5
msgbarbottom

26 May 08 RTMPS in Red5

Red5 now supports RTMPS, many of you will be very happy about this new feature. Previously, users had to use stunnel or some other “hack” to implement this feature that FMS supports. RTMPS was easy to implement after I realized RTMPS is RTMPT over SSL; this is a big revelation, since I started out thinking it was RTMP via SSL/TLS. So without further rambling, here is how to setup RTMPS in Red5 at zero cost. I would rate the procedure below as Intermediate level.

Create a self-signed certificate

There are many articles on the web which describe how to complete this first task, but I will explain how to do this with the tool included with Java. Execute this command from your console:

keytool -genkey -alias red5 -keyalg RSA -keysize 512 -validity 3650 \
    -keystore keystore -keypass password -storepass password \
    -dname "CN=localhost,OU=Red5,O=Red5,L=Henderson,ST=NV,C=US"

You may change a few of these options if you prefer, but I suggest that you only change some of the DName fields: Location (L), State (ST), and Country (C). Otherwise the feature may not work. Also note that if you are going to use RTMPS on the Internet, you will probably want to get a CA signed certificate.

Upon completion of this task you will have a file named “keystore”, keep track of this since you will need it later on.

Get Red5

The RTMPS feature is not released as part of the current stable server (version 0.7.0) it is however available via SVN starting with revision 2819. This means you have to get an Subversion client, grab the source, build, and deploy; I will not be covering all these steps in this post. Go to http://osflash.org/red5 for links and information on Red5.

Configuration

Once you have Red5, copy the keystore file you created with step one into your conf directory (overwrite the current keystore file in the directory if prompted). The configuration file containing the parameter for RTMPS is in conf/red5-core.xml and you will need to update the RTMPS section if you changed the keystore password. The other configuration file to make note of is red5.properties, it contains the port assignments for the supported protocols. Make sure that you have your ports configured correctly; Adobe suggests that RTMPS be defaulted to port 443, normally this port is reserved for HTTPS. If you change this port to something other than 443 you will need to update your NetConnection urls with the correct port.

For Advanced users, there are a few other options you may specify on your RTMPS connection such as the supported ciphers. You can find additional information on this here. The connectioProperties section is where you would place these additional key / value pairs.

Engage

Start the server and test your applications. I personally tested with the oflaDemo that comes bundled in Red5. Go to http://localhost:5080/demos/oflaDemo.swf and change the rtmp url to rtmps://localhost/oflaDemo et voila! This of course assumes that you didnt change any ports.

Debugging

To see what is going on with SSL at a really low level you can enable this option in your startup:

 -Djavax.net.debug=ssl

It will cause additional information to be displayed on the console.

Tags: ,



Reader's Comments

  1. |

    Thanks for the good tutorial. Everything is clear!

  2. |

    Wow, Great news, I am going to write about it.

  3. |

    [...] http://gregoire.org/2008/05/26/rtmps-in-red5/ [...]

  4. |

    Red5 + RTMPS…

    [...]Short tutorial on how to use RTMPS with Red5.[...]…

  5. |

    Thanks for sharing.

  6. |

    Thank you. You have helped someone more than you could know.

    Sohbet Konya

  7. |

    Thats GrEaT ,i successfully test it ,would anybody know what are settings rtmps with openmeetings????

  8. |

    hello all,

    i got the red5 workin however, i cannot seem get this to work on dreamwaver. any ideas please thank you

  9. |

    thanks.

  10. |

    thanks for this post. It helped us a lot.

  11. |

    Paul thanks so much for the post. I was glad to hear that we could do this RTMPS stuff in Red5. Thanks for your article as well. It seam to not be working for me.

    I downloaded and installed Red5 0.8 RC2, followed your instructions to the T. The application that I am trying to get working with RTMPS was built on Red5 0.7 and running it and connecting using RTMP on 0.8 works great.

    When I try to connect to rtmps://localhost:8443/myapp it is not able to connect and I do not get any debugging info from the server running in eclipse.

    You have any thoughts on what I could do to trouble shoot this?

  12. |

    Hello,

    Thank you for this post. Have you been following the thread at: http://www.nabble.com/RTMPS-not-connecting.-Could-it-be-the-cert's-fault—to22794390.html#a22834241 ?

    Are you still able to connect to your app via RTMPS using these steps using RC2?

    Thank you,

    dan

  13. |

    I havent tried RTMPS recently, but I have heard that this issue has to do with the proxy setting in FP.

  14. |

    I get rtmps to work on the local machine. I have my firewall on the machine set to allow in requests on port 443. rtmp comes in OK from another machine on my network but rtmps doesn’t work. Using 0.8 RC2.

    David

  15. |

    [...] To use rtmps with Red5 you need to configure Red5 for rtmps. [...]

  16. |

    Hi,

    I followed your tutorial and was unable to make my flash client connect to red5 (latest trunk) using rtmps.

    I can see the handshakes being printed in red5′s console, but it always rejects the client at the end.

    Any idea?

    Cheers,

  17. |

    The RTMPS on red.war in tomcat is not working with self signed certificate.The rtmp connection is success but rtmps is failed.

    But The RTMPS over red5 server is working with self signed certificate as told by paul procedure in
    http://gregoire.org/2008/05/26/rtmps-in-red5/

    I follwed the procedure in red5 war in tomcat is

    1.created an ssl to tomcat https:8443(self signed certif)
    2.rtmp://localhost:1935/vcong -> Connection Sucess.
    2.rtmps://localhost:8443/vconf -> connection Failed.

    is there any diff b/w Red5_0.8.war in Tomcat and Red5 Server to create RTMPS ?
    Please told the solution

  18. |

    Can RED5 do that, Netconnetion with ssl (send username /password), and Netstream without ssl????

  19. |

    havent tried RTMPS recently, but I have heard that this issue has to do with the proxy setting in FP

  20. |

    I get rtmps to work on the local machine. I have my firewall on the machine set to allow in requests on port 443. rtmp comes in OK from another machine on my network but rtmps doesn’t work.

  21. |

    @JAY
    comment, in red5-core.xml,

    <!–

    –>
    then, below activate (comment out) section with:
    <bean id="rtmps.server" ….

    after that it will work ok. start script in background to see logging:
    ./red5.sh &
    and you will have to see:
    2010-09-04 11:20:18,777 [main] INFO o.a.catalina.core.StandardEngine – Starting Servlet Engine: Apache Tomcat/6.0.24
    2010-09-04 11:20:18,873 [main] INFO o.r.server.tomcat.rtmps.RTMPSLoader – Connector info: org.apache.catalina.connector.Connector/2.1
    2010-09-04 11:20:19,171 [main] INFO o.a.coyote.http11.Http11NioProtocol – Initializing Coyote HTTP/1.1 on http-443
    2010-09-04 11:20:19,172 [main] INFO o.r.server.tomcat.rtmps.RTMPSLoader – Starting RTMPS engine
    2010-09-04 11:20:19,185 [main] INFO o.a.coyote.http11.Http11NioProtocol – Starting Coyote HTTP/1.1 on http-443

  22. |

    but it always rejects the client at the end.

  23. |

    Thanks for sharing.
    klima servisi, kombi servisi hizmeti veren web sitesi.

  24. |

    Hi Paul :-)

    I’m trying to get video streaming in ajaxchat to work across SSL. ajaxchat uses red5 v0.7.0. It will not work with any version above that.

    I saw your article on using a specific build of red5 0.7.0 that supports RTMPS.

    I downloaded the lastest 0.7.0 build and tried to use ant/ivy/java sdk 1.6 to build that puppy. But, I have had no luck. I keep getting errors from ant like “red5#ehcache;1.2.3: not found.”

    I’ve been trying to get it to build all evening.

    I just need a windows installation package of that particular build, and I’ll be ready to solve the ssl problem with ajaxchat.

    Is there anywhere I can download that build from the web?

    Thanks!

    Bryan
    :-)

  25. |

    I’m sorry, i’ve tried this tutorial and other tutorial from Paul to set red5 server fro rtmps. But when I run my app, there are some errors that said handshake failed. My app is java desktop app, I make a VOD app using netbeans and red5 as the server. I can’t fix it yet. Can you please help me?

  26. |

    I suggest that you post your situation on the users list or on stackoverflow.com as you’ll get more help there and probably a lot quicker.



Leave a Comment


Fatal error: Call to undefined function akismet_counter() in C:\xampp\htdocs\paulgregoireblog\wp-content\themes\googlechrome\footer.php on line 9