I recently "finished" my major WebRTC project-- a peer-to-peer video chat for musicians where you can play music at the same time. I just fixed this annoying error (took me 2 days to solve, too) but now when I go to my server IP address it shows the start chat, everything, except it doesn't ask to allow video/audio, which results in a blank video slot and not being able to see anyone. Is this an issue with Digitalocean?
Also, you can look at the Digitalocean one to see going wrong and the Heroku one to see what it should be doing.
Thanks so much!
it looks like your call to getUserMedia is being blocked by the browser:
Uncaught Error: User media not available
at Object.getUserFullMedia (helpers.js:81)
at getAndSetUserStream (rtc.js:103)
at rtc.js:34
This happens because it requires the use of https when not on a localhost domain. Your heroku app works because it is using https, Digital Ocean doesn't because it's http.
On http://localhost, your browser allows it for ease of development.
In order for it to work on your digital ocean droplet, you'll want to set up a domain name that points to the droplet and set up an SSL certificate for that server.
Have you thought about just using heroku for this seeing as you've got it set up? They provide all of that for you out of the box with custom domains and SSL certificates.
Related
I have a bit of a problem with a web page I'm making. Here's the situation :
I have a working NodeJs server that's online, hosted on a VPS.
I'm making a webpage that makes requests to this server. The requests work when I'm testing them from localhost or my local network.
When I put my website on my hosting service (different from the server), the requests fail.
Google Chrome return this error :
Failed to load resource: net::ERR_SSL_PROTOCOL_ERROR
The domain I have registered for my webpage has TSL1.3 I think, it it https for sure. So I thought it was a mismatch, like my website couldn't make requests to a simple http server that doesn't have any SSL or whatnot.
But when I looked into setting my server to use SSL or TSL or something like that, I got really confused. People recommended I use cloudflare as it provides certificates for free, but Cloudflare only works with domains, not stuff that runs on VPS with only an IP adress. I also tried following Certbot instructions to make a certificate myself but my VPS doesn't support snapd, even though it's Ubuntu 20.04.
Any attempt on my part to follow the rabbit hole of SSL certificates hasn't yielded anything, that's why I'm posting here. I don't even know if somehow getting a ssl certifcate will solve the problem.
Any help is much appreciated
Im hosting a server on EC2 and I believe I set up the ports correctly to allow on 80 and 443. I'm hosting a flutter app on Firebase hosting, which forces all network communication to go through https which has been a royal pain. When I run everything (on localhost) through http, no problems. I have tried self-certification, but that doesn't seem to work. I am now trying green lock https://www.npmjs.com/package/greenlock-express.
I followed their tutorials and everything but i'm getting: net::ERR_SSL_VERSION_OR_CIPHER_MISMATCH. Can anyone offer some insight. I'm simply trying to host a static website and I have one call to a server. Maybe there is an easier approach?
For anyone running into this issue, I was using an IP: 12.345.678.90. Instead you have to use a domain: testwebsite.com
I found an example on how to use the twitch EventSub webhooks(https://github.com/twitchdev/eventsub-webhooks-node-sample/blob/main/index.js) but i'm struggling with finding out how to setup it up without having to install ngrok or other apps on my PC since i have a vps where i host the bot. I understood the GET method but POST is a bit difficult for me.
Hope i explained it well enough for someone to understand.
Twitch EventSub at time of writing only offers a "Webhook transport"
So you should be able to set this up no problem on your VPS, since your VPS is web accessabile.
To test this locally on your PC yes you will need a proxy/tunnel such as NGROK to make your PC web accessable.
A "webhook transport" (to over simplfy) operates in the same way a login from on a Website does. You fill in the form and hit submit, and the form is POST'ed to the server.
Webhook's it's the same thing, except the data isn't POST'ed as a form but a JSON blob in the body.
So you can use anything capable of receiving a HTTP POST. There are just a few NodeJS examples like the one you have linked kicking about.
TLDR: unless you are testing, skip setting it up on your PC and start with setting it up on your VPS, as the VPS doesn't need a tunnel, apache/nginx are the SSL Terminator that passes to your Node script, if you use a node script link the linked exmaple in the OP
This has taken me about a year to understand and get to, but I am the limit of my capability so reaching out to a StackOverflow guru please...
I would like to, if possible, secure my network model. The model is as shown in the diagram. To explain:-
All the aspects I have control of, is within the green shaded area. I cannot change anything outside this.
I run a simple application web server which is the VPN IPsec/L2tpd client. Static IP.
My router is ISP provided. It receives a DHCP Dynamic IP from the ISP.
My Digital Ocean Virtual Private Server has a static IP. It runs an NGINX reverse proxy that channels traffic through the VPN tunnel. It also runs the IPsec/L2tpd server.
A IPsec/L2TPD VPN tunnel is established and working.
A working VPN tunnel.
A cellphone that runs an app that communicates with my application server app. My cellphone receives a dynamic IP from my Network Operator.
I have three IP camera feeds served by my application server. Not a great speed but watchable in real-time.
I cannot change my ISP, or bandwidth/download/upload speed.
I cannot install VPN clients on the cellphone and I may want to access my app server through another cellphone provided by work so cannot install apps on it but does have unfettered web access through a browser.
Everything is now working, can't believe I've done it !
Anyway, my question is:-
Is there any way to secure the network so that only traffic from my mobile reaches - or rather is accepted - by my application server.
I accept IPsec/L2tpd is not great, but it is fast and I use this because I have tried OpenVPN, SoftEther and key based OpenSwan. These are waaaay to slow. The camera feeds are unwatchable and update one frame about every 5 seconds.
So with the limitations above, what can I do, what is possible? Please may I respectfully ask that you refrain from suggestions and concerns requiring a change to that which I cannot control, i accept all critique but that is not what I need here. I am asking for advice on how to secure , that which I can influence. Thank you
I cannot install VPN clients on the cellphone and I may want to access
my app server through another cellphone provided by work so cannot
install apps on it but does have unfettered web access through a
browser.
Due to the limitation that at the end, even a phone where you are not allowed to change anything but use the web, i suggest to configure proxy authentication on the nginx reverse proxy. I don't have experience with setting this up with nginx in particular but that's what should do the trick according to the network architecture and description you provided.
An example configuration on how to configure nginx for basic / client certificate auth can be found at: https://www.cloudsavvyit.com/1355/how-to-setup-basic-http-authentication-on-nginx/
I create a webrtc sample based On this tutorial. this work on my local network fine and I can send and receive signal and videos. but when I connect from internet ti the server and two peer are not in same network video connection does not create.
I am using self sign Certificate and must add them two browsers.
there is no error or exception. my signaling server is a web socket server written in nodejs.
Original Answer
I believe that you require a HTTPS (SSL certificate) if you are using Chrome +47 to be deployed online, but is not required if serving from a local machine on the same network.
According to caniuse; Edge and Firefox may yield non blocking results (but prefix with moz):http://caniuse.com/#feat=stream
The issue isn't necessarily WebRTC but getUserMedia/Stream API isn't provided when the called from a non-secure site (or non-localhost address).
Attached Image:
(https://developers.google.com/web/updates/2015/10/chrome-47-webrtc)
Update:
Did a bit more digging around, and the following answer is related to the question getUserMedia() in chrome 47 without using https i.e. possible duplicate;
You "can" launch a Chrome browser to accept the insecure origin; however, that's temp. fix, whereas you'd probably want to get a certificate.
chrome.exe --user-data-dir=/test/only/profile/dir --unsafely-treat-insecure-origin-as-secure="http://example.com"