=========== Requirements ==============
1) Need BBB 1.0 version to be installed, reference link are provided below:
http://docs.bigbluebutton.org/install/install.html
http://docs.bigbluebutton.org/install/setup.html
https://www.unixmen.com/install-bigbluebutton-web-conferencing-system-ubuntu/
2) Rails App Software versions:
RUBY VERSION: 2.2.2 (2015-04-13 patchlevel 95) [x86_64-linux]
RUBYGEMS VERSION: 2.4.5
RAILS: 4.2.4 (Mentioned in ruby gem file)
=========== HTTPS Migration Changes ==============
===== 1) BigblueButton Client =====
1) Create the directory /etc/nginx/ssl:
mkdir /etc/nginx/ssl
2) Place the server.crt, server.key and exphosted.pem file in the above location
3) Run the following command
openssl dhparam -out /etc/nginx/ssl/dhp-2048.pem 2048
4) Edit /etc/nginx/sites-available/bigbluebutton and add the below changes:
server {
listen 80;
server_name devmeeting01.exphosted.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS:!AES256";
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/ssl/dhp-2048.pem;
[...]
# BigBlueButton landing page.
location / {
proxy_pass https://localhost:4444;
proxy_redirect default;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#root /var/www/bigbluebutton-default;
#index index.html index.htm;
#expires 1m;
}
5) **Edit the server.crt file and add the CA file(bundle.crt) content at the end.**
6) Edit the file /etc/bigbluebutton/nginx/sip.nginx and change the protocol and port on the proxy_pass line as shown:
location /ws {
proxy_pass https://159.203.102.65:7443;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_read_timeout 6h;
proxy_send_timeout 6h;
client_body_timeout 6h;
send_timeout 6h;
}
7) Edit the file /var/www/bigbluebutton/client/lib/bbb_webrtc_bridge_sip.js and change the line that selects the ‘ws’ protocol to use ‘wss’ instead:
var configuration = {
uri: 'sip:' + encodeURIComponent(username) + '@' + server,
wsServers: 'wss://' + server + '/ws',
displayName: username,
register: false,
traceSip: true,
autostart: false,
userAgentString: "BigBlueButton",
stunServers: stunsConfig['stunServers'],
turnServers: stunsConfig['turnServers']
};
8) Add this line in ~/bin/deploybbbclient.sh script
sed -e 's|http://|https://|g' -i src/conf/config.xml
9) Restart nginx
sudo /etc/init.d/nginx restart
10) Restart BBB
sudo bbb-conf --restart
11) Refer this link for more details:
http://docs.bigbluebutton.org/install/install.html#configuring-https-on-bigbluebutton
===== 2) Rails Server =====
1) **Set the following details in config/ssl_settings.yml file:**
ca_file_path: "/etc/nginx/ssl/new-cert/bundle.crt"
key_file_path: "/etc/nginx/ssl/new-cert/server.key"
crt_file_path: "/etc/nginx/ssl/new-cert/server.crt"
use_ssl: true
2) If we are using webrick as the app server, add the following code in /deploy/expertus_meeting/current/bin/rails file
APP_PATH = File.expand_path('../../config/application', __FILE__)
require_relative '../config/boot'
require 'rails/commands/server'
require 'rack'
require 'webrick'
require 'webrick/https'
module Rails
class Server < ::Rack::Server
def default_options
super.merge({
:Port => 4444,
:pid => File.expand_path("tmp/pids/server.pid"),
:config => File.expand_path("config.ru"),
:SSLEnable => true,
:SSLVerifyClient => OpenSSL::SSL::VERIFY_NONE,
:SSLPrivateKey => OpenSSL::PKey::RSA.new(File.open("/etc/nginx/ssl/new-cert/server.key").read),
:SSLCertificate => OpenSSL::X509::Certificate.new(File.open("/etc/nginx/ssl/new-cert/server.crt").read),
:SSLCertName => [["CN", WEBrick::Utils::getservername]],
})
end
end
end
require 'rails/commands'