Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 01 May 2020 00:15:32 +0000
From:      bugzilla-noreply@freebsd.org
To:        ports-bugs@FreeBSD.org
Subject:   [Bug 246069] net-im/jicofo: need trust installation instructions and refinement of keystore
Message-ID:  <bug-246069-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D246069

            Bug ID: 246069
           Summary: net-im/jicofo: need trust installation instructions
                    and refinement of keystore
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: acm@FreeBSD.org
          Reporter: mandree@FreeBSD.org
          Assignee: acm@FreeBSD.org
             Flags: maintainer-feedback?(acm@FreeBSD.org)

Greetings,

I've needed to invest quite a bit of time to get jicofo to talk to prosody
because the upstream documentation is specific to Debian, and Java certific=
ate
handling is quite different on Debian-based systems vs. FreeBSD.

I am proposing to add some documentation to save users some digging.

Please check if the instructions below are correct, and then put them into a
pkg-message file and/or a post-install documentation referenced from
pkg-message.

These links aren't exactly helpful for FreeBSD.

https://github.com/jitsi/jitsi-meet/blob/master/doc/manual-install.md#insta=
ll-jitsi-conference-focus-jicofo

https://github.com/jitsi/jicofo/blob/master/README.md#certificates

Here's what I needed to do:

openssl x509 -in  /var/db/prosody/auth.jitsi.example.org.crt -outform der \
 -out  /var/db/prosody/auth.jitsi.example.org.der

keytool -import -trustcacerts -file /var/db/prosody/auth.jitsi.example.org.=
der
\
 -alias auth.jitsi.example.org -keystore /usr/local/etc/ssl/java.pem

and as password I used the default "changeme".

However, the file is misnamed and should be called trust.jsk or something, =
and
possibly we should move it outside /usr/local/etc/ssl, and rather into
.../etc/jitsi/trust.jsk:

# file /usr/local/etc/ssl/java.pem
/usr/local/etc/ssl/java.pem: Java KeyStore

I think we would need a full deployment instruction set for FreeBSD, and
possibly a rapid-deployment meta-port.

--=20
You are receiving this mail because:
You are the assignee for the bug.=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-246069-7788>