Jitsi meet start without https support and i can not become conference owner and can not stream to youtube

Hello. I created local static DNS entry “192.168.0.70 vconf.org” with help of Mikrotik router, and checked that any PC in localnet can resolve this DNS query successfully.
Then I make fresh install of jitsi-meet on 192.168.0.70 local server following this guide https://www.howtoforge.com/tutorial/how-to-create-your-own-video-conference-using-jitsi-meet-on-ubuntu-1804/
Only problem I have during installation was certificate generation minor issue:
IMPORTANT NOTES

  • The following errors were reported by the server

Domain: mydomain
Type: connection
Detail: dns :: DNS problem: NXDOMAIN looking up A for mydomain

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address. Additionally, please check that your computer has publicly routable IP address and that no firewalls are preventing the server from communicating with client. If you are using webroot plugin, you should also verify that you are serving files from the webroot path you provided.

Conferencing works fine, but using only insecure http connection. It would be no problem but I can not become owner of conference and can not stream on youtube, yet I am a moderator. Can i fix it somehow?

This error is from LetsEncrypt, they can’t issue an SSL certificate for a server that is not reachable.
One way to resolve this is to have the domain somewhere publicly, issue the SSL and then move it to the local server.
Or you can just use the self-signed SSL certificates that are installed by Jitsi Meet (before the LetsEncrypt part). As you are using it on local net, it won’t be a problem to trust this self-signed SSL, because you know it’s genuine.
BTW I see that the tutorial you mention is more than a year old, it’s better to use the upstream Jitsi tutorials, for example the Quick Install (https://jitsi.org/qi).

Thank you. Is there some manual on how to use Jitsi sertificate instead of Letsencrypt?
If I understand correctly, self-signed certificate will help me to establish SSL connection and thus will allow me to stream conference on Youtube?
Because now, without SSL connection, I do not even see admin tools which are necessary for livestreaming. I assume that livestreaming only possible via https connection, and I don’t have any.

You need SSL for the conferences themselves and for the recording/streaming module to be able to join the conference to stream it. So first you have to configure SSL – LetsEncrypt is not an option for you if you want to have everything on the local net.

The Quick Install manual I referred to will guide you through the basic setup. In fact you already had that, before trying LetsEncrypt – maybe your server is still running with the self-signed certificate? My point is, that if you followed the instructions you should have a certificate, even being self-signed, and the platform should work.

If not, please tell us what errors you are seeing and what exactly you are doing to test. As it’s an all-local install, I can just guess what may be wrong.

The manual that you gave me describe how to install Letsencrypt sertificate. I can not find anything about local certificate. Nginx and jitsi now use certificate generated by Lestencript.
Only options I’ve found there, in manual, are adding additional lines to configuration files.
I guess I must add

org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=<Local.IP.Address-of-Machine-With-Jitsi-Installation>
org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=<Public.IP.Address-Of-My-Router>

I am correct?

Following the manual, after installing Jitsi Meet and before continuing with LetsEncrypt certificate, you have an installation running with self signed SSL certificates. So if you install Jitsi Meet and not go on installing LetsEncrypt stuff, what you have is a self signed SSL.

The other option is to generate and install self signed SSL certificate yourself. Google for ‘openssl self signed nginx’ (or something similar) and you will find a lot of detailed info how to generate self signed SSL certificate and install it in Nginx.

The NAT harvester settings you mention are needed only if you are behind NAT, if you have a local and a public IP address, which is you are entirely on LAN is not the case.

Thanks. But the problem is that self-signed certificate is considered not safe by browsers, so they refuse to establish SSL-connection with my jitsi installation. I guess self-signed certificate is not an option for me.

Like I mentioned, if you are using it only on local network, you can trust the self-signed SSL in the browsers, it’s all about trust and if you trust your own self-signed SSL, it’s not a problem to tell the local browsers to trust it.

You have an issue with trust if you are accessing a public IP with self-signed (or better said signed by an unknown issuer) SSL, but you are not on Internet, in your local LAN you can use whatever SSL you decide and it will work.

Google for “trust self signed certificate” or similar to find the steps to add your self-signed SSL to different browsers.