Jitsi - Buster - Apache - Coturn

Hi,
i want to test jitsi and installed it on Debian Buster with Apache2 and on same machine with coturn. But i got in jvb.log
Health check failed in 0ms:
java.lang.Exception: Address discovery through STUN failed

In prosody.err i got:
portmanager error Error binding encrypted port for https: No certificate present in SSL/TLS configuration for https port 5281

The Server is public and I can connect with smartphone a and b, but not with a and c. It doesnt matter if c is in home wifi behind nat, or connected with isp.
I tried different Stun Server with no success and same error. Any idea?
thx

Is outgoing udp to 443 enabled?

Hi,
These ports are open 8888, 5280, 5269 (xmpp-server), 5222 (xmpp-client), 3479, 3478, 443 (https), or should i enable 443 expliciet in which config?

I was reffering to outgoing traffic. Do you have rules for outgoing traffic?

I have no Firewall active.

Hi damencho,
do you have any further idea to solve this? I tested it with 2 mobile devices behind nat and cant connect. Errorlog shows Stun error. If i put one of this devices out of home network and connect via lte network, i got the same error. I think i have a missconfigure situation, but dont know where to look for an correct howto for this system.

Try setting up:

org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=<Local.IP.Address>
org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=<Public.IP.Address>

as described here:

Thx for your reply. I only have one IP-Adress, its an public server. I set local and public to the same and tested. Message in jvb.log is now: Performed a successful health check in 17ms. Sticky failure: false.

On Android App i now got message to reconnect and if i say yes, i am going back to default app page. i also notice that i cant create any room from this device on this server via jitsi app. if i use the public jitsi server i can do. On this device runs Android 6. I tested it with two android 8.1 devices. Same problem. Message connection was disconected, retry and on click on reconnect i going to main view in android app. Any idea?

Are you accessing the server by using the ip address or do you have a domain name?
I read somewhere that one can’t access the site by using the ip address on mobile devices cause you can’t accept self signed certificates (like you can on desktop machines).

I use the FQDN with certificate from lets encrypt. On my Android 10, its not a problem. The only error message i can see is: In prosody.err:
portmanager error Error binding encrypted port for https: No certificate present in SSL/TLS configuration for https port 5281

I just found this:

here is another one: