Fallback to port 443 does not work as expected

I reconfigured nginx a couple of minutes ago to default to turn and now it works for me.

    meet.blahblah.com web_backend;
    turn.blahblah.com turn_backend;
    default turn_backend;

Without defaulting, I do not receive the certificate. No clue why…

Edit: Sorry, it’s late, told it vice versa… :slight_smile: had to default to turn and not to web to make it work (changed it above in the thread). When defaulting to web I receive the meet.blahblah.com certificate altough requesting turn.blahblah.com

Good Night.

Same issue with using Firefox. Chrome works.

Are you reproducing this on meet.jit.si?


Using Firefox on the one end and Edge on the other end on meet.jit.si works:

But this is the result on my own test-jitsi (freshly installed system for testing this issue:

I’ve blocked all outging UDP-traffic for Firefox via Windows Firewall.

There are no relay candidates in the non working example like those were not received from prosody … You can do APP.conference.saveLogs() when you repro and see were those sent … Is it configured in prosody?

Hi @damencho,

here are my logs: https://cloud.snejp.de/s/R5LZZkZKe9CJHtW


external_service_secret = "xxxx";
external_services = {
     { type = "stun", host = "turn.snejp.de", port = 3478 },
     { type = "turn", host = "turn.snejp.de", port = 3478, transport = "udp", secret = true, ttl = 86400, algorithm = "turn" },
     { type = "turns", host = "turn.snejp.de", port = 5349, transport = "tcp", secret = true, ttl = 86400, algorithm = "turn" }

Do you know a good documentation for setting up turnserver with jitsi? I need it for a company with an quite restrictive firewall which blocks all outgoing UDP-traffic.

Do you have external_services module enabled, like this: jitsi-meet/prosody.cfg.lua-jvb.example at 450c961e6846c16035c56a6a9880fe65a3f610db · jitsi/jitsi-meet · GitHub

Is the jvb there inside the restricted udp traffic network?

The best doc is do a clean install, it configures a turnserver by default and then using a second DNS configure that instance to use port 443 as described in the handbook.

I’ve did a test with Firefox 85 and everything works fine. But Firefox 88 fails.

I did just that today, on an EC2 Amazon, with all ports open;
But when I enable the module in nginx and change the port from 443 to 4444, it keeps giving error.

PS: It took me a while to understand that it is no longer necessary to enable the “turncredentials” module in prosody.