I’m trying to configure turns on port 443 as stated in the handbook page.
All is working well with the standard configuration when coturn receives relay packets directly on 5349, tested with 3 browser tabs and 10000 udp blocked.
My problem is that clients insist on using port 5349, even though I configured things according to the handbook page. In prosody I set:
external_service_secret = "redacted";
external_services = {
{ type = "stun", host = "meet.my.domain.com", port = "3478" },
{ type = "turn", host = "meet.my.domain.com", port = "3478", transport = "udp", secret = true, algorithm = "turn"},
{ type = "turns", host = "turn.my.domain.com", port = "443", transport = "tcp", secret = true, algorithm = "turn" }
};
Ha! You converted your setup from turncredentials! And you did not notice, like about 99.9% of admins including me, that these crafty Prosody devs have replaced a port parameter surrounded by quotes by a parameter where there are no quotes… and of course they have carefully avoided any warning so that everyone falls into their diabolical trap. And port 5349? It’s the default.
No error in prosody log, apart from the usual: error Error binding encrypted port for https: No certificate present in SSL/TLS configuration for https port 5281
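The fix described in the reply, as an added example that is not part of the original posts: the same `external_services` table with the ports written as Lua numbers, followed by a small type check that can be run with a standalone `lua` interpreter before restarting Prosody. The hostnames are the ones from the question; the `check_ports` helper is hypothetical and not part of Prosody.

```lua
-- Added example, not from the original thread.
-- Corrected table: ports are Lua numbers, not quoted strings.
-- (In the Prosody config file this is a plain global assignment without `local`.)
local external_services = {
    { type = "stun",  host = "meet.my.domain.com", port = 3478 },
    { type = "turn",  host = "meet.my.domain.com", port = 3478, transport = "udp", secret = true, algorithm = "turn" },
    { type = "turns", host = "turn.my.domain.com", port = 443,  transport = "tcp", secret = true, algorithm = "turn" },
}

-- Hypothetical helper: return one message per entry whose port is set
-- but is not a number (the quoted-port case the reply describes).
local function check_ports(services)
    local problems = {}
    for i, svc in ipairs(services) do
        if svc.port ~= nil and type(svc.port) ~= "number" then
            problems[#problems + 1] = string.format(
                "entry %d (%s %s): port is a %s (%q), expected a number",
                i, tostring(svc.type), tostring(svc.host),
                type(svc.port), tostring(svc.port))
        end
    end
    return problems
end

-- Constructed sample reproducing the quoted-port form from the question.
local quoted = {
    { type = "turns", host = "turn.my.domain.com", port = "443", transport = "tcp", secret = true, algorithm = "turn" },
}

for _, services in ipairs({ external_services, quoted }) do
    local problems = check_ports(services)
    if #problems == 0 then
        print("ok: all ports are numbers")
    else
        for _, p in ipairs(problems) do
            print("warning: " .. p)
        end
    end
end
```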