Clients connecting on own jitsi but cannot receive audio or video

hello everyone,
just installed for the first time Jitsi on a testing VM under KVM, OS is ubuntu 18.04 on which I installed everything following the guide on jitsi.org (installing full system via apt-get -y install jitsi-meet)

Since as I said the system is on a VM behind NAT with ports 443 and 80 already taken by other VMs, I tried to set Jitsi to work on different ports, 8080 for the old 80 and 52443 for the 443, being partially able to achieve the result, as viewable here: meet.sablab.it:52443

I said partially because after loggin in, even if multiple clients can create own rooms, connect and chat, no video or audio stream is delivered to other clients (even if on local clients no errors are reported). So now I’m stuck without knowing what else to check, since it’s actually quite unclear for me how various components (jicofo, jitsi, prosody) interact with each others…

resuming the whole setup:
active natted ports:

  • tcp 8080
  • tcp 52443
  • udp 10000

all of them confirmed to be reachable from outside with nc (and locally confirmed with tcptrack -i ens3 which reports the connections):
nc -zv meet.sablab.it 8080 Connection to meet.sablab.it 8080 port succeeded! nc -zv meet.sablab.it 52443
Connection to meet.sablab.it 52443 port succeeded!

system available at meet.sablab.it:52443 after editing the following files (list obtained via grep):

# grep -rnw '/etc/' -e '52443'
/etc/nginx/sites-available/default:27:	#listen 52443 ssl default_server;
/etc/nginx/sites-available/default:28:	#listen [::]:52443 ssl default_server;
/etc/nginx/sites-available/meet.sablab.it.conf:20:    listen 52443 ssl http2;
/etc/nginx/sites-available/meet.sablab.it.conf:21:    listen [::]:52443 ssl http2;
/etc/prosody/conf.avail/meet.sablab.it.cfg.lua:9:  { type = "stun", host = "meet.sablab.it", port = "52443" },
/etc/prosody/conf.avail/meet.sablab.it.cfg.lua:10:  { type = "turn", host = "meet.sablab.it", port = "52443", transport = "udp" },
/etc/prosody/conf.avail/meet.sablab.it.cfg.lua:11:  { type = "turns", host = "meet.sablab.it", port = "52443", transport = "tcp" }
/etc/turnserver.conf:11:listening-port=52443
/etc/jitsi/meet/meet.sablab.it-config.js:31:	bosh: '//meet.sablab.it:52443/http-bind',
/etc/jitsi/meet/meet.sablab.it-config.js:346:            //{ urls: 'stun:meet.sablab.it:52443' },

thank everyone in advance for any help!

Have you checked outgoing rules for the firewall, for outgoing traffic.

yes ufw service was already disabled with sudo ufw disable and systemctl disable ufw, these are the services running actually:
# service --status-all
[ - ] acpid
[ + ] apparmor
[ + ] apport
[ + ] atd
[ - ] console-setup.sh
[ + ] coturn
[ + ] cron
[ - ] cryptdisks
[ - ] cryptdisks-early
[ + ] dbus
[ + ] ebtables
[ + ] grub-common
[ - ] hwclock.sh
[ - ] irqbalance
[ + ] iscsid
[ + ] jicofo
[ + ] jitsi-videobridge2
[ - ] keyboard-setup.sh
[ + ] kmod
[ - ] lvm2
[ + ] lvm2-lvmetad
[ + ] lvm2-lvmpolld
[ + ] lxcfs
[ - ] lxd
[ - ] mdadm
[ - ] mdadm-waitidle
[ + ] nginx
[ - ] open-iscsi
[ - ] open-vm-tools
[ - ] plymouth
[ - ] plymouth-log
[ + ] procps
[ + ] prosody
[ - ] rsync
[ + ] rsyslog
[ - ] screen-cleanup
[ + ] ssh
[ + ] udev
[ - ] ufw
[ + ] unattended-upgrades
[ - ] uuidd
[ - ] x11-common

meanwhile, thanks for your quick response!

could this in the jicofo.log be meaningful?

Jicofo 2020-04-02 14:14:38.342 WARNING: [36792] org.jivesoftware.smack.AbstractXMPPConnection.callConnectionClosedOnErrorListener() Connection XMPPTCPConnection[not-authenticated] (0) closed with error
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
        at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)
        at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:316)
        at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:310)
        at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1639)
        at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:223)
        at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)
        at sun.security.ssl.Handshaker.process_record(Handshaker.java:965)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1379)
        at org.jivesoftware.smack.tcp.XMPPTCPConnection.proceedTLSReceived(XMPPTCPConnection.java:810)
        at org.jivesoftware.smack.tcp.XMPPTCPConnection.access$1200(XMPPTCPConnection.java:151)
        at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:1071)
        at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$300(XMPPTCPConnection.java:1000)
        at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:1016)
        at java.lang.Thread.run(Thread.java:748)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:450)
        at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:317)
        at sun.security.validator.Validator.validate(Validator.java:262)
        at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:330)
        at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:237)
        at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:132)
        at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1621)
        ... 13 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
        at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
        at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:445)
        ... 19 more

Uhm. Yes.

For a short workaround you can add this one into your config file (sip.communicator-properties):

org.jitsi.jicofo.ALWAYS_TRUST_MODE_ENABLED=true

thanks, putting that eliminated the message in the log but still no resolution for the audio and video stream delivery

Other errors in Jicofo or JVB log? We need some more details.

this is from jvb.log

# tail -20 /var/log/jitsi/jvb.log 
2020-04-02 14:31:19.278 INFO: [17] Videobridge.createConference#326: create_conf, id=84cbd2cefa566868 gid=null logging=false
2020-04-02 14:31:19.301 INFO: [17] Health.doRun#294: Performed a successful health check in 24ms. Sticky failure: false
2020-04-02 14:31:27.341 INFO: [16] VideobridgeExpireThread.expire#144: Running expire()
2020-04-02 14:31:29.303 INFO: [17] Videobridge.createConference#326: create_conf, id=8c1ce568efe9637d gid=null logging=false
2020-04-02 14:31:29.341 INFO: [17] Health.doRun#294: Performed a successful health check in 39ms. Sticky failure: false
2020-04-02 14:31:39.342 INFO: [17] Videobridge.createConference#326: create_conf, id=2b7f9f04100f3a65 gid=null logging=false
2020-04-02 14:31:39.371 INFO: [17] Health.doRun#294: Performed a successful health check in 30ms. Sticky failure: false
2020-04-02 14:31:49.375 INFO: [17] Videobridge.createConference#326: create_conf, id=cb7739f90b7af350 gid=null logging=false
2020-04-02 14:31:49.411 INFO: [17] Health.doRun#294: Performed a successful health check in 40ms. Sticky failure: false
2020-04-02 14:31:59.413 INFO: [17] Videobridge.createConference#326: create_conf, id=d2b6416dc82e3050 gid=null logging=false
2020-04-02 14:31:59.463 INFO: [17] Health.doRun#294: Performed a successful health check in 49ms. Sticky failure: false
2020-04-02 14:32:09.466 INFO: [17] Videobridge.createConference#326: create_conf, id=126f870fd6a184d1 gid=null logging=false
2020-04-02 14:32:09.486 INFO: [17] Health.doRun#294: Performed a successful health check in 21ms. Sticky failure: false
2020-04-02 14:32:19.487 INFO: [17] Videobridge.createConference#326: create_conf, id=e9d43fff256a0155 gid=null logging=false
2020-04-02 14:32:19.512 INFO: [17] Health.doRun#294: Performed a successful health check in 26ms. Sticky failure: false
2020-04-02 14:32:27.342 INFO: [16] VideobridgeExpireThread.expire#144: Running expire()
2020-04-02 14:32:29.515 INFO: [17] Videobridge.createConference#326: create_conf, id=d4227d0a65511a16 gid=null logging=false
2020-04-02 14:32:29.566 INFO: [17] Health.doRun#294: Performed a successful health check in 54ms. Sticky failure: false
2020-04-02 14:32:39.567 INFO: [17] Videobridge.createConference#326: create_conf, id=b26721bd7824b10 gid=null logging=false
2020-04-02 14:32:39.588 INFO: [17] Health.doRun#294: Performed a successful health check in 22ms. Sticky failure: false

or maybe this one from prosody.err

# tail -20 /var/log/prosody/prosody.err 
Mar 31 21:59:29 portmanager	error	Error binding encrypted port for https: No key present in SSL/TLS configuration for https port 5281
Mar 31 21:59:29 portmanager	error	Error binding encrypted port for https: No key present in SSL/TLS configuration for https port 5281
Apr 01 11:34:49 portmanager	error	Error binding encrypted port for https: No key present in SSL/TLS configuration for https port 5281
Apr 01 11:34:49 portmanager	error	Error binding encrypted port for https: No key present in SSL/TLS configuration for https port 5281
Apr 01 11:47:00 portmanager	error	Error binding encrypted port for https: No key present in SSL/TLS configuration for https port 5281
Apr 01 11:47:00 portmanager	error	Error binding encrypted port for https: No key present in SSL/TLS configuration for https port 5281
Apr 01 12:02:20 portmanager	error	Error binding encrypted port for https: No key present in SSL/TLS configuration for https port 5281
Apr 01 12:02:20 portmanager	error	Error binding encrypted port for https: No key present in SSL/TLS configuration for https port 5281
Apr 01 12:06:11 portmanager	error	Error binding encrypted port for https: No key present in SSL/TLS configuration for https port 5281
Apr 01 12:06:11 portmanager	error	Error binding encrypted port for https: No key present in SSL/TLS configuration for https port 5281
Apr 01 12:53:34 modulemanager	error	Unable to load module 'auth_internal-plain': /usr/lib/prosody/modules/mod_auth_internal-plain.lua: No such file or directory
Apr 01 12:53:34 portmanager	error	Error binding encrypted port for https: No key present in SSL/TLS configuration for https port 5281
Apr 01 12:53:34 portmanager	error	Error binding encrypted port for https: No key present in SSL/TLS configuration for https port 5281
Apr 01 12:55:04 modulemanager	error	Unable to load module 'auth_internal-plain': /usr/lib/prosody/modules/mod_auth_internal-plain.lua: No such file or directory
Apr 01 12:55:05 portmanager	error	Error binding encrypted port for https: No key present in SSL/TLS configuration for https port 5281
Apr 01 12:55:05 portmanager	error	Error binding encrypted port for https: No key present in SSL/TLS configuration for https port 5281
Apr 01 12:58:20 portmanager	error	Error binding encrypted port for https: No key present in SSL/TLS configuration for https port 5281
Apr 01 12:58:20 portmanager	error	Error binding encrypted port for https: No key present in SSL/TLS configuration for https port 5281
Apr 02 14:25:19 portmanager	error	Error binding encrypted port for https: No key present in SSL/TLS configuration for https port 5281
Apr 02 14:25:19 portmanager	error	Error binding encrypted port for https: No key present in SSL/TLS configuration for https port 5281

and prosody.log

# tail -20 /var/log/prosody/prosody.log 
Apr 02 14:25:30 focus.meet.sablab.it:component	warn	Component not connected, bouncing error for: <iq id='xcQ7b-17' type='get' to='focus.meet.sablab.it' from='4c6d6c6c-5c6f-482a-848d-ce4ce5e0fd42@meet.sablab.it/focus21012732769'>
Apr 02 14:25:30 focus.meet.sablab.it:component	warn	Component not connected, bouncing error for: <iq id='xcQ7b-29' type='get' to='focus.meet.sablab.it' from='4c6d6c6c-5c6f-482a-848d-ce4ce5e0fd42@meet.sablab.it/focus21012732769'>
Apr 02 14:25:31 focus.meet.sablab.it:component	warn	Component not connected, bouncing error for: <iq id='dd9049cd-2cef-4b95-86ef-848137421e58:sendIQ' type='set' to='focus.meet.sablab.it' from='ef81a9fe-86b3-42f0-b271-c01ef9c81b11@meet.sablab.it/a8763b43-f8e7-4420-b16b-c3e37d7ae162'>
Apr 02 14:25:31 focus.meet.sablab.it:component	warn	Component not connected, bouncing error for: <iq id='xcQ7b-59' type='get' to='focus.meet.sablab.it' from='4c6d6c6c-5c6f-482a-848d-ce4ce5e0fd42@meet.sablab.it/focus21012732769'>
Apr 02 14:25:32 conference.meet.sablab.it:muc_domain_mapper	warn	Session filters applied
Apr 02 14:25:32 c2s558f33d466c0	info	Client connected
Apr 02 14:25:35 jcp558f33d6bc70	info	Incoming Jabber component connection
Apr 02 14:25:36 focus.meet.sablab.it:component	info	External component successfully authenticated
Apr 02 14:25:36 c2s558f33d466c0	info	Stream encrypted (TLSv1.2 with ECDHE-RSA-AES256-GCM-SHA384)
Apr 02 14:25:36 c2s558f33d466c0	info	Authenticated as jvb@auth.meet.sablab.it
Apr 02 14:25:39 conference.meet.sablab.it:muc_domain_mapper	warn	Session filters applied
Apr 02 14:25:39 mod_bosh	info	New BOSH session, assigned it sid 'bb535ab3-fc21-47a6-b12d-f8f00bf59faa'
Apr 02 14:25:39 boshbb535ab3-fc21-47a6-b12d-f8f00bf59faa	info	Authenticated as 437e0a82-30f0-4535-a52c-ce5a19525579@meet.sablab.it
Apr 02 14:25:45 boshdc8b6c7e-da98-44c6-a984-db7a2885e135	info	BOSH client disconnected
Apr 02 14:25:44 conference.meet.sablab.it:muc_domain_mapper	warn	Session filters applied
Apr 02 14:25:44 mod_bosh	info	New BOSH session, assigned it sid '435d613c-6bfa-4ca6-8ed1-4d99a6096b62'
Apr 02 14:25:45 bosh435d613c-6bfa-4ca6-8ed1-4d99a6096b62	info	Authenticated as 4192c9d9-1e9c-45a3-ac71-a1c7c45b4ec5@meet.sablab.it
Apr 02 14:26:33 conference.meet.sablab.it:muc_domain_mapper	warn	Session filters applied
Apr 02 14:26:33 mod_bosh	info	New BOSH session, assigned it sid '3fad2538-9042-472a-8d98-34391db89871'
Apr 02 14:26:33 bosh3fad2538-9042-472a-8d98-34391db89871	info	Authenticated as f517d3a5-48e8-4018-a832-ed0215d33325@meet.sablab.it

Have you configured /etc/jitsi/videobridge/sip-communicator.properties? If you are behind NAT, I’d expect you need to add:

org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=your_local_address

org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=your_public_address

org.jitsi.videobridge.NAT_HARVESTER_LOCAL_ADDRESS=your_local_address

org.jitsi.videobridge.NAT_HARVESTER_PUBLIC_ADDRESS=your_public_address

And then restart jitsi-videobridge.

I previously did it for your first two lines, also commenting an entry as stated here: https://github.com/jitsi/jitsi-meet/blob/master/doc/quick-install.md#advanced-configuration

unfortunately, adding the other two didnt change the result, here’s my new sip-communicator.properties (just to verify if values are reported correctly):

# cat /etc/jitsi/videobridge/sip-communicator.properties 
org.ice4j.ice.harvest.DISABLE_AWS_HARVESTER=true
#org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES=meet-jit-si-turnrelay.jitsi.net:443
org.jitsi.videobridge.ENABLE_STATISTICS=true
org.jitsi.videobridge.STATISTICS_TRANSPORT=muc
org.jitsi.videobridge.xmpp.user.shard.HOSTNAME=localhost
org.jitsi.videobridge.xmpp.user.shard.DOMAIN=auth.meet.sablab.it:52443
org.jitsi.videobridge.xmpp.user.shard.USERNAME=jvb
org.jitsi.videobridge.xmpp.user.shard.PASSWORD=P#Ch2hTy
org.jitsi.videobridge.xmpp.user.shard.MUC_JIDS=JvbBrewery@internal.auth.meet.sablab.it:52443
org.jitsi.videobridge.xmpp.user.shard.MUC_NICKNAME=80564c08-ffa0-462e-9d85-d97d77bfbec3
org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=192.168.1.52
org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=meet.sablab.it:52443
org.jitsi.videobridge.NAT_HARVESTER_LOCAL_ADDRESS=192.168.1.52
org.jitsi.videobridge.NAT_HARVESTER_PUBLIC_ADDRESS=meet.sablab.it:52443

You’ve used domain names not IP addresses for your public IP addresses.

Try changing those to IP addresses.

You’ve also included port numbers, and I’d try without those (as I don’t think they are needed / work here, but could be wrong).

your suggestion seems to be partially effective, here’s the new message in jicofo.log

# tail /var/log/jitsi/jicofo.log
Jicofo 2020-04-02 15:41:50.907 INFO: [49] org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Chat room event ChatRoomMemberPresenceChangeEvent[type=MemberJoined sourceRoom=org.jitsi.impl.protocol.xmpp.ChatRoomImpl@25f6e10d member=ChatMember[1234@conference.meet.sablab.it/75888e66, jid: null]@1472457338]
Jicofo 2020-04-02 15:41:50.915 INFO: [49] org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Granted owner to 1234@conference.meet.sablab.it/75888e66
Jicofo 2020-04-02 15:41:50.916 INFO: [49] org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Member 1234@conference.meet.sablab.it/75888e66 joined.
Jicofo 2020-04-02 15:42:11.657 INFO: [53] org.jitsi.jicofo.xmpp.FocusComponent.handleConferenceIq().401 Focus request for room: 1234@conference.meet.sablab.it
Jicofo 2020-04-02 15:42:11.909 INFO: [49] org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Chat room event ChatRoomMemberPresenceChangeEvent[type=MemberJoined sourceRoom=org.jitsi.impl.protocol.xmpp.ChatRoomImpl@25f6e10d member=ChatMember[1234@conference.meet.sablab.it/0670d079, jid: null]@2018920666]
Jicofo 2020-04-02 15:42:11.909 INFO: [49] org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Member 1234@conference.meet.sablab.it/0670d079 joined.
Jicofo 2020-04-02 15:42:11.920 WARNING: [49] org.jitsi.jicofo.bridge.BridgeSelectionStrategy.log() Failed to select initial bridge for participantRegion=null
Jicofo 2020-04-02 15:42:11.920 SEVERE: [49] org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Can not invite participant -- no bridge available.
Jicofo 2020-04-02 15:42:11.926 WARNING: [49] org.jitsi.jicofo.bridge.BridgeSelectionStrategy.log() Failed to select initial bridge for participantRegion=null
Jicofo 2020-04-02 15:42:11.926 SEVERE: [49] org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Can not invite participant -- no bridge available.

I’ve managed to resolve that error in jicofo.log tweaking various configs (mainly removing the port 52443 where it should not probably go), and now the only explicit error is mentioned in /var/log/prosody.err:

# tail prosody.err 
Apr 03 16:09:46 portmanager	error	Error binding encrypted port for https: No key present in SSL/TLS configuration for https port 5281
Apr 03 16:09:46 portmanager	error	Error binding encrypted port for https: No key present in SSL/TLS configuration for https port 5281

which occurs when the service starts or restarts

aparte that, the situation is still unchanged: I can create any room, anyone can join but no video or audio stream is delivered to other participants

other logs:

# tail /var/log/jitsi/jvb.log
2020-04-03 16:32:35.939 INFO: [17] Health.doRun#294: Performed a successful health check in 17ms. Sticky failure: false
2020-04-03 16:32:45.940 INFO: [17] Videobridge.createConference#326: create_conf, id=1a0abd44469a930 gid=null logging=false
2020-04-03 16:32:45.956 INFO: [17] Health.doRun#294: Performed a successful health check in 17ms. Sticky failure: false
2020-04-03 16:32:55.959 INFO: [17] Videobridge.createConference#326: create_conf, id=caa162a8d365e5df gid=null logging=false
2020-04-03 16:32:55.987 INFO: [17] Health.doRun#294: Performed a successful health check in 31ms. Sticky failure: false
2020-04-03 16:33:01.315 INFO: [16] VideobridgeExpireThread.expire#144: Running expire()
2020-04-03 16:33:05.988 INFO: [17] Videobridge.createConference#326: create_conf, id=bfe4cf0112fc6e04 gid=null logging=false
2020-04-03 16:33:06.006 INFO: [17] Health.doRun#294: Performed a successful health check in 19ms. Sticky failure: false
2020-04-03 16:33:16.007 INFO: [17] Videobridge.createConference#326: create_conf, id=535c99143c409b59 gid=null logging=false
2020-04-03 16:33:16.022 INFO: [17] Health.doRun#294: Performed a successful health check in 16ms. Sticky failure: false

# tail /var/log/jitsi/jicofo.log
Jicofo 2020-04-03 16:35:09.010 INFO: [27] org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Region info, conference=ffd258 octo_enabled= false: [[null, null, null]]
Jicofo 2020-04-03 16:35:09.011 INFO: [57] org.jitsi.jicofo.discovery.DiscoveryUtil.discoverParticipantFeatures().148 Doing feature discovery for qwerreqw@conference.meet.sablab.it/3c836329
Jicofo 2020-04-03 16:35:09.419 INFO: [57] org.jitsi.jicofo.discovery.DiscoveryUtil.discoverParticipantFeatures().169 Successfully discovered features for qwerreqw@conference.meet.sablab.it/3c836329
Jicofo 2020-04-03 16:35:09.422 INFO: [57] org.jitsi.jicofo.AbstractChannelAllocator.log() Using jvbbrewery@internal.auth.meet.sablab.it/80564c08-ffa0-462e-9d85-d97d77bfbec3 to allocate channels for: Participant[qwerreqw@conference.meet.sablab.it/3c836329]@1036620623
Jicofo 2020-04-03 16:35:09.509 INFO: [57] org.jitsi.jicofo.ParticipantChannelAllocator.log() Sending session-initiate to: qwerreqw@conference.meet.sablab.it/3c836329
Jicofo 2020-04-03 16:35:09.765 WARNING: [27] org.jitsi.protocol.xmpp.AbstractOperationSetJingle.processJingleIQ().368 unsupported action session-terminate
Jicofo 2020-04-03 16:35:09.818 INFO: [89] org.jitsi.jicofo.discovery.DiscoveryUtil.discoverParticipantFeatures().169 Successfully discovered features for qwerreqw@conference.meet.sablab.it/588b9038
Jicofo 2020-04-03 16:35:09.819 INFO: [89] org.jitsi.jicofo.AbstractChannelAllocator.log() Using jvbbrewery@internal.auth.meet.sablab.it/80564c08-ffa0-462e-9d85-d97d77bfbec3 to allocate channels for: Participant[qwerreqw@conference.meet.sablab.it/588b9038]@942050036
Jicofo 2020-04-03 16:35:09.864 INFO: [89] org.jitsi.jicofo.ParticipantChannelAllocator.log() Sending session-initiate to: qwerreqw@conference.meet.sablab.it/588b9038
Jicofo 2020-04-03 16:35:10.428 WARNING: [27] org.jitsi.protocol.xmpp.AbstractOperationSetJingle.processJingleIQ().368 unsupported action session-terminate

# tail /var/log/prosody/prosody.log 
Apr 03 16:35:04 mod_bosh	info	Client tried to use sid '3697c7ef-ce18-4afc-b6c0-6d57a3c087cc' which we don't know about
Apr 03 16:35:04 mod_bosh	info	Client tried to use sid '3697c7ef-ce18-4afc-b6c0-6d57a3c087cc' which we don't know about
Apr 03 16:35:05 mod_bosh	info	Client tried to use sid '3697c7ef-ce18-4afc-b6c0-6d57a3c087cc' which we don't know about
Apr 03 16:35:05 mod_bosh	info	Client tried to use sid '3697c7ef-ce18-4afc-b6c0-6d57a3c087cc' which we don't know about
Apr 03 16:35:05 mod_bosh	info	Client tried to use sid '3697c7ef-ce18-4afc-b6c0-6d57a3c087cc' which we don't know about
Apr 03 16:35:05 mod_bosh	info	Client tried to use sid '3697c7ef-ce18-4afc-b6c0-6d57a3c087cc' which we don't know about
Apr 03 16:35:05 mod_bosh	info	Client tried to use sid '3697c7ef-ce18-4afc-b6c0-6d57a3c087cc' which we don't know about
Apr 03 16:35:07 conference.meet.sablab.it:muc_domain_mapper	warn	Session filters applied
Apr 03 16:35:07 mod_bosh	info	New BOSH session, assigned it sid 'd9890e48-9713-42a1-aded-b48c216be409'
Apr 03 16:35:08 boshd9890e48-9713-42a1-aded-b48c216be409	info	Authenticated as 3c836329-28bd-4729-9f51-884f6c35c349@meet.sablab.it

# tail /var/log/turn_727_2020-04-03.log 
1: IPv4. TLS/SCTP listener opened on : 127.0.0.1:4445
1: IPv4. TLS listener opened on : 127.0.0.1:4445
1: IPv4. TLS/SCTP listener opened on : 192.168.1.52:4445
1: IPv4. TLS listener opened on : 192.168.1.52:4445
1: IPv6. TLS/SCTP listener opened on : ::1:4445
1: IPv6. TLS listener opened on : ::1:4445
1: IPv4. TLS listener opened on : 127.0.0.1:4445
1: IPv4. TLS listener opened on : 192.168.1.52:4445
1: IPv6. TLS listener opened on : ::1:4445
1: SQLite DB connection success: /var/lib/turn/turndb

a couple of sidenotes:

  1. I’ve just upgraded jitsi and dependencies via apt update and everything went fine (apart the persiting problem)
  2. just in case this can be meaningful, infos about connection quality (the small green icon in the upper left corner of the user box while in conference) are missing (see screenshot)
  3. I’ve tested to and from different networks and browsers: inside and outside the same network (accessing remote machines), using firefox, chromium and jitsi app (connecting both via wifi and 3g), always with the same result: I can connect to the conference without any stream
  4. tried the https://test.webrtc.org/ website from all platform used for testing, always passing the test

what else can I do or check before giving up?

connection

update: i’ve finally managed to solve restarting the installation from scratch, must have been something done wrong amid various steps

thanks to everyone who tried to help, i’ve learned a lot banging my head for days anyway, including that on standard ubuntu 18.04 clean server installation, the only thing that needs to be modified to repoint on different ports (in my case i chose port 52443) are:

the nginx config file:

# vi /etc/nginx/sites-available/my.domain.ext.conf
server {
    listen 52443 ssl http2;
    listen [::]:52443 ssl http2;
    server_name my.domain.ext;

the main jitsi config for the domain:

# vi /etc/jitsi/meet/my.domain.ext-config.js
    // BOSH URL. FIXME: use XEP-0156 to discover it.
    bosh: '//my.domain.ext:52443/http-bind',

thanks again everyone

2 Likes

Thank you for your update.
I had the same effekt, no sound, no video.
After changing the server name to the full domain it worked.

I believe the underlying issue is that browsers (chrome) will refuse to enable peripherals (camera/audio) when SSL layer security is missing.

I’ve got a question if you don’t mind because I’m getting the same issue: do you still get the weird Error binding encrypted port for https: No key present in SSL/TLS configuration for https port 5281 message in your prosody.err log?

I am having similar problems.

When you say “the full domain” do you mean including the hostname? or without it?

The standard install of ubuntu is to set /etc/hosts just to the hostname.
Ex. for “jitsi” as hostname:

127.0.1.1 jitsi

Change this line to

127.0.1.1 jitsi.full.domain jitsi