How to authenticate coturn with REST API - WebRTC

I am running the coturn server on Ubuntu on localhost.
Here is my turnserver.conf:
verbose
listening-ip=127.0.0.1
realm=test.demo
static-auth-secret=fb1d5d356dff13e709980e2a07dfcef130a713d53e4c6701efe4b770f27e17d4
use-auth-secret
Starting the server as:
service coturn start
service coturn status
returned
● coturn.service - LSB: coturn TURN Server
Loaded: loaded (/etc/init.d/coturn; generated)
Active: active (running) since Fri 2020-10-02 17:28:08 PKT; 3s ago
Docs: man:systemd-sysv-generator(8)
Process: 18905 ExecStop=/etc/init.d/coturn stop (code=exited, status=0/SUCCESS)
Process: 18912 ExecStart=/etc/init.d/coturn start (code=exited, status=0/SUCCESS)
Tasks: 15 (limit: 4915)
CGroup: /system.slice/coturn.service
└─18934 /usr/bin/turnserver -c /etc/turnserver.conf -o -v
Oct 02 17:28:08 user-Inspiron-7773 systemd[1]: Starting LSB: coturn TURN Server...
Oct 02 17:28:08 user-Inspiron-7773 coturn[18912]: * Starting coturn turnserver
Oct 02 17:28:08 user-Inspiron-7773 coturn[18912]: ...done.
Oct 02 17:28:08 user-Inspiron-7773 systemd[1]: Started LSB: coturn TURN Server.
and sudo netstat -npta | grep turnserver gives
tcp 0 0 127.0.0.1:3478 0.0.0.0:* LISTEN 18934/turnserver
tcp 0 0 127.0.0.1:3478 0.0.0.0:* LISTEN 18934/turnserver
tcp 0 0 127.0.0.1:3478 0.0.0.0:* LISTEN 18934/turnserver
tcp 0 0 127.0.0.1:3478 0.0.0.0:* LISTEN 18934/turnserver
tcp 0 0 127.0.0.1:3478 0.0.0.0:* LISTEN 18934/turnserver
tcp 0 0 127.0.0.1:3478 0.0.0.0:* LISTEN 18934/turnserver
tcp 0 0 127.0.0.1:3478 0.0.0.0:* LISTEN 18934/turnserver
tcp 0 0 127.0.0.1:3478 0.0.0.0:* LISTEN 18934/turnserver
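I have generated the temporary username and password:
import java.util.Base64
import javax.crypto.Mac
import javax.crypto.spec.SecretKeySpec

val secretKey = "fb1d5d356dff13e709980e2a07dfcef130a713d53e4c6701efe4b770f27e17d4"
val userId = "abcd1234"
val ttl: Long = 3600 * 6
// expiry time in Unix seconds, used as the username prefix
val unixTimeStamp = System.currentTimeMillis() / 1000L + ttl
val userName = unixTimeStamp + ":" + userId
// HMAC-SHA1 over the username, keyed with the shared secret
val secret = new SecretKeySpec(secretKey.getBytes, "HmacSHA1")
val mac = Mac.getInstance("HmacSHA1")
mac.init(secret)
val result: Array[Byte] = mac.doFinal(userName.getBytes)
// the digest bytes are mapped to chars and re-encoded as a string before Base64
val hashStr = new String(result.map(_.toChar))
val password = Base64.getEncoder.encodeToString(hashStr.getBytes())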
and it produces the output
username:1601663142:abcd1234
password: Wi4H776QJCoFbe+/hgrvv7Pvv5te77+m776L776K776N77+Y77+UUQ==
I have tested this in two ways.
First, in the Chrome console, the following code throws the exception:
var iceConfiguration = {
    iceServers: [
        {
            urls: 'turn:127.0.0.1:3478',
            username: '1601663142:abcd1234',
            credentials: 'Wi4H776QJCoFbe+/hgrvv7Pvv5te77+m776L776K776N77+Y77+UUQ=='
        }
    ]
}
var peerConnection = new RTCPeerConnection(iceConfiguration);
Uncaught DOMException: Failed to construct 'RTCPeerConnection': Both username and credential are required when the URL scheme is "turn" or "turns".
at <anonymous>:12:22
(anonymous) @ VM41:12
and Trickle ICE.
How can I get it working?

I think the answer is simple, you've specified credentials and the error is that credential is missing, so remove the s and try again.
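An added example (Node.js, not code from the question or the answer): coturn's `use-auth-secret` mode expects the username `<expiry>:<userId>` and, as the password, the Base64 of the raw HMAC-SHA1 digest of that username keyed with `static-auth-secret`. The sample secret and the function names are assumptions made for this example; `checkTurnCredential` is a hypothetical pre-flight check, not coturn's implementation.

```javascript
const crypto = require('crypto');

// Constructed sample secret for this example; a real deployment uses the
// static-auth-secret value from turnserver.conf and keeps it server-side only.
const SAMPLE_SECRET = 'constructed-sample-secret';

// Build the time-limited credential: username is "<expiry>:<userId>",
// password is Base64 of the raw 20-byte HMAC-SHA1 digest over the username.
function makeTurnCredential(secret, userId, ttlSeconds, nowSeconds) {
  const username = `${nowSeconds + ttlSeconds}:${userId}`;
  const credential = crypto.createHmac('sha1', secret).update(username).digest('base64');
  return { username, credential };
}

// Shape the result for RTCPeerConnection; the key is `credential` (singular).
function toIceServer(url, cred) {
  return { urls: url, username: cred.username, credential: cred.credential };
}

// Hypothetical pre-flight check modelled on what the server recomputes:
// digest length, expiry in the username, then a constant-time MAC compare.
function checkTurnCredential(secret, username, credential, nowSeconds) {
  const raw = Buffer.from(credential, 'base64');
  if (raw.length !== 20) return 'bad-length'; // SHA-1 digests are 20 bytes
  const expiry = Number.parseInt(username.split(':')[0], 10);
  if (!Number.isFinite(expiry) || expiry < nowSeconds) return 'expired';
  const expected = crypto.createHmac('sha1', secret).update(username).digest();
  return crypto.timingSafeEqual(raw, expected) ? 'ok' : 'bad-mac';
}

// Issue time derived from the question's username (1601663142 minus the 6 hour TTL).
const issuedAt = 1601641542;
const cred = makeTurnCredential(SAMPLE_SECRET, 'abcd1234', 3600 * 6, issuedAt);
const iceConfiguration = { iceServers: [toIceServer('turn:127.0.0.1:3478', cred)] };
console.log(iceConfiguration.iceServers[0]);
console.log(checkTurnCredential(SAMPLE_SECRET, cred.username, cred.credential, issuedAt));
```

Run against the password printed in the question, `checkTurnCredential` reports `bad-length`: that string decodes to 40 bytes rather than 20, because the digest was turned into a string and re-encoded before Base64.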

Related

How to make my docker webserver in AWS host available in public internet?

I have a running apache webserver in centos docker container which is hosted by AWS redhat instance.
I am able to curl my container webserver in AWS instance local host but unable to access publicly in my laptop web browser.
details of the Webserver:
docker run -d --name httpd -p 8080:8080 -v /home/ec2-user/apache/web1/www:/var/www:Z docker.io/centos/httpd-24-centos7
The output of docker ps:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
abd790b28b51 docker.io/centos/httpd-24-centos7 "container-entrypo..." 2 hours ago Up 20 minutes 0.0.0.0:8080->8080/tcp, 8443/tcp httpd
In AWS instance :
curl http://localhost:8080
Hello World!!!
But unable to get this in public internet using AWS host public ip from my laptop.
The output of netstat -tulpn:
(No info could be read for "-p": geteuid()=1000 but you should be root.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN -
tcp6 0 0 :::8080 :::* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
tcp6 0 0 ::1:25 :::* LISTEN -
udp 0 0 0.0.0.0:68 0.0.0.0:* -
udp 0 0 127.0.0.1:323 0.0.0.0:* -
udp6 0 0 ::1:323 :::* -
My AWS Security inbound rules:
HTTP TCP 80 157.51.138.196/32
All traffic All All 157.51.138.196/32
SSH TCP 22 157.51.138.196/32
DNS (TCP) TCP 53 157.51.138.196/32
HTTPS TCP 443 157.51.138.196/32
You are missing an inbound rule for 8080 on the instance security group. Add it, check, and report back if it does not work.
Hurray it Worked!!!
But not sure how it worked actually ;-) Will try to find out that...
I just stopped all apache containers and removed them entirely. Then executed the below command and everything worked perfect.
While using the below make sure you are mapping the volume (-v) correctly to the index.html file in your host.
docker run -d --name httpd -p 9080:8080 -v /home/ec2-user/apache/web1/www/html:/var/www/html:Z docker.io/centos/httpd-24-centos7

Apache failed to start on centos7 on cwp

I am running CentOS 7 on my server. Yesterday I tried to restart my Apache, but it failed and since then it could not start again.
Every time I try to start it, it shows the warning below.
Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details
I tried following this post https://stackoverflow.com/a/37131726/8778864, but I am stuck on what to do next after I have listed all ports. Please, I am very new to Linux / servers; can anyone help out?
netstat -punta | grep LISTEN
My output when i run the above command
tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN 394/dovecot
tcp 0 0 0.0.0.0:2082 0.0.0.0:* LISTEN 426/cwpsrv: master
tcp 0 0 0.0.0.0:2083 0.0.0.0:* LISTEN 426/cwpsrv: master
tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN 394/dovecot
tcp 0 0 0.0.0.0:7777 0.0.0.0:* LISTEN 376/sshd
tcp 0 0 0.0.0.0:2086 0.0.0.0:* LISTEN 426/cwpsrv: master
tcp 0 0 0.0.0.0:2087 0.0.0.0:* LISTEN 426/cwpsrv: master
tcp 0 0 127.0.0.1:10025 0.0.0.0:* LISTEN 552/master
tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN 552/master
tcp 0 0 0.0.0.0:2030 0.0.0.0:* LISTEN 426/cwpsrv: master
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 394/dovecot
tcp 0 0 0.0.0.0:2095 0.0.0.0:* LISTEN 426/cwpsrv: master
tcp 0 0 0.0.0.0:2031 0.0.0.0:* LISTEN 426/cwpsrv: master
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 394/dovecot
tcp 0 0 0.0.0.0:2096 0.0.0.0:* LISTEN 426/cwpsrv: master
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 552/master
tcp 0 0 132.17.288.75:53 0.0.0.0:* LISTEN 411/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 411/named
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 397/pure-ftpd (SERV
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 552/master
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 411/named
tcp 0 0 127.0.0.1:2302 0.0.0.0:* LISTEN 426/cwpsrv: master
tcp 0 0 0.0.0.0:4190 0.0.0.0:* LISTEN 394/dovecot
tcp6 0 0 :::7777 :::* LISTEN 376/sshd
tcp6 0 0 :::3306 :::* LISTEN 434/mysqld
tcp6 0 0 :::587 :::* LISTEN 552/master
tcp6 0 0 :::465 :::* LISTEN 552/master
tcp6 0 0 ::1:53 :::* LISTEN 411/named
tcp6 0 0 :::21 :::* LISTEN 397/pure-ftpd (SERV
tcp6 0 0 :::25 :::* LISTEN 552/master
tcp6 0 0 ::1:953 :::* LISTEN 411/named
[root@host admin101]# systemctl status httpd.service
● httpd.service - Web server Apache
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Wed 2019-01-02 05:38:34 UTC; 2h 38min ago
Process: 15750 ExecStart=/usr/local/apache/bin/apachectl start (code=exited, status=1/FAILURE)
Dec 31 11:11:12 host.example.com systemd[1]: Failed to start Web server Apache.
Dec 31 11:11:12 host.example.com systemd[1]: Unit httpd.service entered failed state.
Dec 31 11:11:12 host.example.com systemd[1]: httpd.service failed.
Dec 31 11:19:37 host.example.com systemd[1]: Starting Web server Apache...
Dec 31 11:19:37 host.example.com apachectl[26747]: AH00526: Syntax error on line 15 of /usr/local/apache/conf.d/vhosts-ssl.conf:
Dec 31 11:19:37 host.example.com apachectl[26747]: SSLCertificateFile: file '/etc/pki/tls/certs/website1.com.cert' does not exist or is empty
Dec 31 11:19:37 host.example.com systemd[1]: httpd.service: control process exited, code=exited status=1
Dec 31 11:19:37 host.example.com systemd[1]: Failed to start Web server Apache.
Dec 31 11:19:37 host.example.com systemd[1]: Unit httpd.service entered failed state.
Dec 31 11:19:37 host.example.com systemd[1]: httpd.service failed.
[root@host admin101]#
There is most likely a hostname vs certificate resolution problem.
Please see following:
https://forum.centos-webpanel.com/centos-7-problems/cwpsrv-service-failed-emerg/
Ensure correct certificates listed in:
/usr/local/cwpsrv/conf/cwpsrv.conf/cwpsrv.conf
} ssl_certificate /etc/pki/tls/certs/hostname.cert;
} ssl_certificate_key /etc/pki/tls/private/hostname.key;
Then:
1) From cwp save your hostname again and it will generate a new certificate and key
If not possible to access CWP as happened to me... Access server through CLI and key in the following command/s
sh /scripts/generate_hostname_ssl
OR if this above does not work;
sh /usr/local/cwpsrv/htdocs/resources/scripts/generate_hostname_ssl
Dec 31 11:19:37 host.example.com apachectl[26747]: SSLCertificateFile: file '/etc/pki/tls/certs/website1.com.cert' does not exist or is empty
Looks like you are trying to install SSL but misconfigured. Checkout with your SSL first, and rebuild vhosts. This would solve your issue and let you start apache again.
If you use "AutoSSL", delete all certificates which were built from it (all Let's Encrypt), then restart the Apache service.

Apache does not start on EC2

I have a t2.medium ec2 instance which runs apache. Everything was fine till today morning but suddenly apache stopped working and does not restart again.
[ec2-user@ip-172-31-3-46 ~]$ sudo service httpd start
Starting httpd: [FAILED]
[ec2-user@ip-172-31-3-46 ~]$ service httpd start
Starting httpd: (13)Permission denied: AH00072: make_sock: could not bind to address [::]:80
(13)Permission denied: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
[FAILED]
Then we checked where port 80 is already listening.
[ec2-user@ip-172-31-3-46 ~]$ sudo netstat -tupln
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 2204/rpcbind
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2392/sshd
tcp 0 0 0.0.0.0:38935 0.0.0.0:* LISTEN 2225/rpc.statd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2714/sendmail
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 2664/mysqld
tcp 0 0 :::111 :::* LISTEN 2204/rpcbind
tcp 0 0 :::22 :::* LISTEN 2392/sshd
tcp 0 0 :::46232 :::* LISTEN 2225/rpc.statd
udp 0 0 0.0.0.0:68 0.0.0.0:* 2090/dhclient
udp 0 0 0.0.0.0:111 0.0.0.0:* 2204/rpcbind
udp 0 0 172.31.3.46:123 0.0.0.0:* 2416/ntpd
udp 0 0 127.0.0.1:123 0.0.0.0:* 2416/ntpd
udp 0 0 0.0.0.0:123 0.0.0.0:* 2416/ntpd
udp 0 0 0.0.0.0:51407 0.0.0.0:* 2225/rpc.statd
udp 0 0 0.0.0.0:683 0.0.0.0:* 2204/rpcbind
udp 0 0 127.0.0.1:708 0.0.0.0:* 2225/rpc.statd
udp 0 0 :::111 :::* 2204/rpcbind
udp 0 0 :::683 :::* 2204/rpcbind
udp 0 0 :::40147 :::* 2225/rpc.statd
But there is no sign of port 80 in this.
We need to go live today but this has posed a major problem? Can someone please suggest what to do?
Try this: pidof httpd or pidof apache2 (depending on the distro running on that t2micro aws instance). If it returns any pid then kill that pid or those pids manually issuing a kill -9 pid then try restarting apache. If that doesn't work you should investigate the apache logs. That should give you more info about what is preventing apache to start and a possible way to fix the issue so you can start apache. Deploying a new instance is not going to help you to start the apache on your current instance and/or figure out the current issue.

Apache not serving after server restart

I just restarted my server on digital ocean using reboot, and now apache is not serving any pages. I can ping the IP from my client. Everything was working fine before the restart. Here are some outputs from some of the tests I've done so far:
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1005/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1774/sendmail: MTA:
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 1241/mysqld
tcp 0 0 127.0.0.1:587 0.0.0.0:* LISTEN 1774/sendmail: MTA:
tcp 0 0 127.0.0.1:11211 0.0.0.0:* LISTEN 1703/memcached
tcp6 0 0 :::22 :::* LISTEN 1005/sshd
tcp6 0 0 :::443 :::* LISTEN 2991/apache2
tcp6 0 0 :::80 :::* LISTEN 2991/apache2
Here is result of netstat. I'm not sure but does this mean that apache is not listening on IPV4 (TCP)??:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1005/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1774/sendmail: MTA:
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 1241/mysqld
tcp 0 0 127.0.0.1:587 0.0.0.0:* LISTEN 1774/sendmail: MTA:
tcp 0 0 127.0.0.1:11211 0.0.0.0:* LISTEN 1703/memcached
tcp6 0 0 :::22 :::* LISTEN 1005/sshd
tcp6 0 0 :::443 :::* LISTEN 2991/apache2
tcp6 0 0 :::80 :::* LISTEN 2991/apache2
udp 0 0 127.0.0.1:11211 0.0.0.0:* 1703/memcached
The error.log seems OK:
[Thu Oct 01 09:09:20.131886 2015] [mpm_prefork:notice] [pid 2991] AH00171: Graceful restart requested, doing restart
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
[Thu Oct 01 09:09:20.213216 2015] [:notice] [pid 3176] FastCGI: process manager initialized (pid 3176)
[Thu Oct 01 09:09:20.221458 2015] [ssl:warn] [pid 2991] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Thu Oct 01 09:09:21.001486 2015] [mpm_prefork:notice] [pid 2991] AH00163: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 OpenSSL/1.0.1f configured -- resuming normal operations
[Thu Oct 01 09:09:21.002462 2015] [core:notice] [pid 2991] AH00094: Command line: '/usr/sbin/apache2'
There are various things you can try to resolve the problem:
You can SSH into your server and check for a config syntax error:
#httpd -t
#httpd -S
You should see a "Syntax OK" message if the httpd.conf is configured properly.
You could check the Apache Error Log File which will point out the exact problem location:
tail -f /var/log/httpd-error.log
egrep -i 'warn|error' /var/log/httpd-error.log
Another option is to check for other processes that may be using port 80 or 443. Use the netstat command to list open ports and their owners:
# netstat -tulpn
# netstat -tulpn | grep
# netstat -tulpn | grep ':80'
If another process is using port 80 / 443, you need to stop it or assign another port to Apache.
If none of the above things are helpful, you can check for open file FD limits, Apache/PHP/Python/CGI log file size and DNS configuration.
Hopefully there are some ideas you can try there.
Cheers

How to run tomcat7 web app through https over port 8443?

I have a vaadin 7 app running on tomcat 7 on an EC2 server. The app runs through port 8080, so I redirect my domain from 80 to 8080 using:
/sbin/iptables -t nat -I PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
Now, I need to use an SSL certificate that should run on ports 8443 or 443, but checking my port using sudo netstat -nlp, I get this:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2332/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2371/sendmail
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 2987/mysqld
tcp 0 0 :::8080 :::* LISTEN 3204/java
tcp 0 0 :::80 :::* LISTEN 3151/httpd
tcp 0 0 :::22 :::* LISTEN 2332/sshd
tcp 0 0 ::ffff:127.0.0.1:8005 :::* LISTEN 3204/java
tcp 0 0 :::8009 :::* LISTEN 3204/java
udp 0 0 0.0.0.0:68 0.0.0.0:* 2063/dhclient
udp 0 0 172.30.0.27:123 0.0.0.0:* 2356/ntpd
udp 0 0 127.0.0.1:123 0.0.0.0:* 2356/ntpd
udp 0 0 0.0.0.0:123 0.0.0.0:* 2356/ntpd
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node PID/Program name Path
unix 2 [ ACC ] STREAM LISTENING 1742 2987/mysqld /var/lib/mysql/mysql.sock
unix 2 [ ACC ] STREAM LISTENING 10316 2151/dbus-daemon /var/run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM LISTENING 9565 1/init @/com/ubuntu/upstart
unix 2 [ ACC ] SEQPACKET LISTENING 9820 1578/udevd @/org/kernel/udev/udevd
So, as I understand, those ports aren't even there...How can I "activate" them and then use them for my https connection?
You are supposed to configure your certificate in your tomcat as shown here .
Then you should open those ports in the EC2 console as shown here.