搭建Jitsi Meet视频会议服务器

目录

 

1、在线示例

2、下载安装

3、存在的问题 

3.1 启动报错

3.2 无法进行多人视频

3.3 外网无法进行音视频通信 

---

1、在线示例

https://meet.jit.si/

在两个浏览器客户端输入同样的房间号之后，就可以开始视频会议了

2、下载安装

本次测试是在ubuntu 16.04的环境下进行的

首先，安装jitsi-meet

echo 'deb https://download.jitsi.org stable/' >> /etc/apt/sources.list.d/jitsi-stable.list

wget -qO -  https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -

apt-get update

apt-get -y install jitsi-meet

安装过程中出现如下提示，这里填写局域网的ip地址

这里选择第一个，自动生成秘钥

安装完后，存在下面3个进程：

另外，还需要额外安装nginx

apt-get install nginx

编辑nginx的配置文件/etc/nginx/conf.d/default.conf， 将所有内容替换成/usr/share/doc/jitsi-meet-web-config/jitsi-meet.example，并将其中所有jitsi-meet.example.com的地方修改成之前安装jitsi-meet的时候输入的那个域名或ip，我这里配置的是192.168.10.16。改完之后的内容如下：

server_names_hash_bucket_size 64;

server {
    listen 80;
    server_name 192.168.10.16;
    return 301 https://$host$request_uri;
}
server {
    listen 443 ssl;
    server_name 192.168.10.16;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA256:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EDH+aRSA+AESGCM:EDH+aRSA+SHA256:EDH+aRSA:EECDH:!aNULL:!eNULL:!MEDIUM:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED";

    add_header Strict-Transport-Security "max-age=31536000";

    ssl_certificate /etc/jitsi/meet/192.168.10.16.crt;
    ssl_certificate_key /etc/jitsi/meet/192.168.10.16.key;

    root /usr/share/jitsi-meet;
    index index.html index.htm;
    error_page 404 /static/404.html;

    location /config.js {
        alias /etc/jitsi/meet/192.168.10.16-config.js;
    }

    location /external_api.js {
        alias /usr/share/jitsi-meet/libs/external_api.min.js;
    }

    location ~ ^/([a-zA-Z0-9=\?]+)$ {
        rewrite ^/(.*)$ / break;
    }

    location / {
        ssi on;
    }

    # BOSH
    location /http-bind {
        proxy_pass      http://localhost:5280/http-bind;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $http_host;
    }
}

启动nginx

service nginx start

 启动过程中报错

 输入systemctl status nginx.service查看原因

提示443端口被占用，443端口是被刚才安装的jitsi-videobridge模块占用

这里我们的处理方法是，先关闭jitsi-videobridge模块，启动nginx，然后再次启动jitsi-videobridge模块，这时jitsi-videobridge模块就会改用4443端口。

service jitsi-videobridge stop
service nginx start
service jitsi-videobridge start

再次查看jitsi-videobridge的端口占用情况

在网页上输入ip地址后，就会出现前面的画面了

在两个浏览器客户端输入相同房间号，就可以进入视频会议了

3、存在的问题 

搭完环境后，在测试的过程中发现了以下一系列问题需要解决的。

3.1 启动报错

启动jicofo，报如下的错误

Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
	at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:316)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:310)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1639)
	at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:223)
	at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)
	at sun.security.ssl.Handshaker.process_record(Handshaker.java:965)
	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064)
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1379)
	at org.jivesoftware.smack.tcp.XMPPTCPConnection.proceedTLSReceived(XMPPTCPConnection.java:810)
	at org.jivesoftware.smack.tcp.XMPPTCPConnection.access$1200(XMPPTCPConnection.java:151)
	at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:1071)
	... 3 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397)
	at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302)
	at sun.security.validator.Validator.validate(Validator.java:262)
	at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
	at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
	at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1621)
	... 13 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
	at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
	at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392)
	... 19 more

尝试了网上的一些方法，例如生成秘钥，添加到jdk security目录下面去，没有解决问题

3.2 无法进行多人视频

只能有两人进入视频会议，一旦超过两人，就无法显示声音和视频

3.3 外网无法进行音视频通信 

在路由器上配置443端口对外开放后，访问公网的ip地址后，可以访问到主页，但是无法进行音视频通信，后续需要解决。