How to enable Secure Domain on JITSI

Jitsi is an open-source voice, video conferencing and instant messaging application. We can use it to easily build and deploy secure communication solution. It is developed in Java and supports many telephony and instant messaging protocols.

Secure Domain will make it possible to only allow authenticated users to create rooms. When a new conference is to be started, JITSI will prompt for username and password. Once the host is authenticated only then the conference will start.

Installation


We will be using Ubuntu 18 LTS as our host system. This tutorial assumes that you have installed JITSI meet. If you need help with installing JITSI then you can check this tutorial. Here is a brief overview of the steps we will be following in this tutorial to setup secure domain (authentication) on JITSI-MEET server.

  1. Prosody Configuration
  2. Jitsi-meet Configuration
  3. Jicofo Configuration

Step 1: Prosody Configuration


To begin with, we will configure the prosody config file for our host.

nano /etc/prosody/conf.avail/[your-hostname].cfg.lua

Under virtualhost “hostname” section we are required to change the authentication mode. The default is anonymous but here we are required to use the Hashed mode.

authentication = "internal_hashed"

Also, we are required to add the following block to enable anonymous login for guests

VirtualHost "guest.your-jitsi-domain.com"
authentication = "anonymous"
c2s_require_encryption = false 

Step 2: Jitsi-Meet Configuration


Now we will edit the config.js file to enable (set) the anonymous domain option.

nano /etc/jitsi/meet/[hostname]-config.js

Add the following line and not forget to change the domain name with your domain name

anonymousdomain: 'guest.your-jitsi-domain.com 

Step 3: Jicofo Configuration


Now let’s enable authentication in Jicofo by editing jicofo config file.

nano /etc/jitsi/jicofo/sip-communicator.properties

Add the following line. Do not forget to replace the domain name with your JITSI domain.

org.jitsi.jicofo.auth.URL=XMPP:your-jitsi-domain.com 

All the configuration is now done and we should now restart our system for the changes to take place.

shutdown -r now

At last, we can use prosodyctl to create users.

sudo prosodyctl register yourusername meet.your-jitsi-domain.com yourpassword 
# For example
sudo prosodyctl register ramneek myjitsidomain.com MyPassworD

Now when we will start a meeting, JITSI gonna ask us to enter username and password in order to join the meeting as a host.

After clicking on “I am the Host” button you will be asked for the credentials which we made using the prosodyctl.


Thanks for spending time with us. If you have any question or want to provide feedback please leave a comment in the comment section.

Leave a Reply

Your email address will not be published. Required fields are marked *