Secure, Simple and Scalable Video Conferencing with Jitsi

OVERVIEW

                                                                    

 

The situation with COVID-19 affects not only the private lives of people and their families but also the business, excluding the possibility of face-to-face communication. Many individuals and companies are forced to adapt to work and communicate remotely.

Thus video conferencing got a high-level demand. One of the key players in this market is Zoom video conferencing software. However, there are multiple claims regarding Zoom security, confidentiality and data privacy. As a result, people are looking for alternatives that can be privately hosted. That’s why Jitsi Meet open source video conferencing tool is gaining more and more popularity, as it can be installed at the preferred local cloud provider or on-premise.

Why Jitsi?

The key advantages of using Jitsi video conferencing:

1. Open-source solution provided for free and with a wide community support

2. Installation in one click and easy setup

3. User-friendly process of arranging video and audio calls, as well as multi-meeting rooms

4. High level of privacy and security due to deployment inside isolated containers with encrypted traffic

5. A wide choice of service providers across different countries to host the application locally

6. Support of all available clients (Windows, Linux, Mac, iOS, Android)

In this article, we’ll share the details of how to get Jitsi up and running with Apiqcloud PaaS in order to achieve full control over your data, secure hosting in a local datacenter and meet no need in manual installation with complex maintenance. Follow the steps below and get your own self-hosted video conferencing application in minutes.

Jitsi Installation

STEPS -

1 - Sign in Apiqcloud dashboard and go to the marketplace and search for Jitsi. Click on install.

                                     

Once the installation is completed the successful window appears with credentials of the video conferencing host (administrator).

                                                         

2 - Click on Jitsi Server URL or Open in Browser button to get access to the video conferencing admin panel.

SECURITY NOTES: 

SSL CERTIFICATE

1. By default, the platform issues test intermediate certificates (“Fake LE Intermediate X1”). They are not safe to use for anything other than initial testing.

2. For issuing valid certificates please follow the instruction at the Bind Custom Domain section below.

3. Unlike a regular web browser, the Mobile Jitsi client works with valid and trusted certificates only.

ENCRYPTION

All the data in Jitsi is encrypted. It should be noted that end-to-end encryption is only possible in point-to-point calls i.e. if just two people are in the room. In case of multi-user conferencing the encryption is used between the server and clients only. But since we are running a dedicated and private instance the data is stored inside the isolated container and under your control with no third party can access it.

                                   

3 - Use a meeting name generator to avoid possible coincidences or create your own one e.g. MyPrivateMeeting and click on GO. Then press I am the host button and enter credentials you got upon Jitsi installation to become the video conferencing service administrator.

                                   

The meeting appears once the first participant joins it by the URL and it is destroyed right as the last participant has left it. So, if necessary to maintain some room with a specific meeting all the time there should stay at least one participant. Otherwise, if someone joins the same meeting room again, a brand new meeting is created with the same name and there will be no connection with the previous meeting. 

Jitsi can be used to run multiple meetings at a time with a limitation of 75 clients connected per meeting. By default, Jitsi server in Jelastic has enough resource capacity to handle a heavy load, but if necessary you can scale it vertically on-the-fly.

4 - The next step is to secure your meeting with a password to ensure that somebody uninvited can reach it even in case of coincidence of the names.

                                     

Now your meeting is ready to accept connections from the users you shared the link to, just don’t forget to send invitations to them with the meeting’s Link and Password.

Remember that the password is reset once the meeting has left by all the participants. So, while joining a new meeting in the same room, note that the password should be set up once again.

Extra Functionality

Jitsi attracts also with some unique features available in one application:

1. YouTube sharing allows playing video from YouTube to all the participants.

                                       

2. Screen sharing allows you to share:

i. Whole computer screen

ii. Window of a specific application

iii. Specific web browser tab

 

    3. One more useful option is an intellectual Blur my background option. System automatically detects the speaker’s body and displays it with no  distortion but blurs the background surrounding it.

                                         

Bind Custom Domain

Now your Jitsi server is available by platform’s domain generated upon installation with the test fake certificates. It is enough to get it to work for developing or testing purposes. But for the production, you definitely need to have your own domain available for your video conferencing server.

  1. Bind a custom domain name to your Jitsi server via A Record or CNAME. It’s a mandatory requirement. You can find provided IP address in the environment topology as follows.

                                                 

2. Then generate valid Let’s Encrypt SSL certificates. To do this open the Add-Ons tab, find Domain Configuration Add-On and click on Change.

                                           

3. Specify your custom domain name in the popup window and apply the changes in order to initiate the certificate generation procedure.

                                             

Once it is completed the success window appears.

                                              

Now your video conferencing server is ready to serve requests under new custom domain name with valid Let’s Encrypt SSL certificate.

  • 3 Kasutajad peavad seda kasulikuks
Kas see vastus oli kasulik?