How to secure a TURN server for WebRTC?

2019-04-24 00:24发布

问题:

I've just installed rfc5766-turn-server (https://code.google.com/p/rfc5766-turn-server/) on an Amazon server in order to relay my WebRTC calls.

Since authentication username and password will be distributed to every client in WebRTC iceServers, how can I ensure that only my clients use my TURN to relay their call?

回答1:

You can use this instead https://code.google.com/p/coturn/. It's evolved from rfc5766-turn-server project.

Supported TURN authentication mechanisms:

  • 'classic' long-term credentials mechanism;
  • TURN REST API (a modification of the long-term mechanism, for time-limited secret-based authentication, for WebRTC applications: http://tools.ietf.org/html/draft-uberti-behave-turn-rest-00)
  • experimental third-party oAuth-based client authorization option