TURNS on port 443


I’m trying to configure turns on port 443 as stated in handbook page.

All is working well with the standard configuration when coturn receives relay packets directly on 5349, tested with 3 browser tabs and 10000 udp blocked.

My problem is that clients insist to use port 5349, even if I configured things according to the handbook page. In prosody I set:

external_service_secret = "redacted";

external_services = {
   { type = "stun", host = "meet.my.domain.com", port = "3478" },
   { type = "turn", host = "meet.my.domain.com", port = "3478", transport = "udp", secret = true, algorithm = "turn"},
   { type = "turns", host = "turn.my.domain.com", port = "443", transport = "tcp", secret = true, algorithm = "turn" }

Any hint?

Any errors in prosody, on restart?

You don’t have turn settings in config.js, right?

Ha ! you converted your setup from turncredentials ! And you did not notice like about 99,9% of admins including me that these crafty Prosody devs have replaced a port parameter surrounded by quotes by a parameter where there are no quotes… and of course they have carefully avoided any warning so that everyone falls into their diabolical trap. And port 5349 ? it’s the default.


No error in prosody log, apart from the usual:
error Error binding encrypted port for https: No certificate present in SSL/TLS configuration for https port 5281

No settings in config.js, i’ve read that useStunTurn is deprecated.

Yay! Stupid me, I read here on the forum something about quotes, but forgot to check. A day lost for that.

Many many thanks. On the positive side: I developed deeper knowledge about Jitsi internal architecture …