openvidu-deployment: Azure & GCP - certificate handling to accept base64 encoded certificates directly

- Updated the OpenVidu deployment scripts for GCP and Azure to eliminate the need for downloading and converting certificate files.
- Modified variable descriptions to specify that public and private certificates should be provided in base64 format.
- Adjusted the installation scripts to use the provided base64 encoded certificates directly for both OpenVidu and TURN server configurations.

openvidu-deployment/community/singlenode/azure/cf-openvidu-singlenode.bicep

@@ -19,19 +19,19 @@ param publicIpAddressObject object
 @description('Domain name for the OpenVidu Deployment. Blank will generate default domain')
 param domainName string = ''
 
-@description('If certificate type is \'owncert\', this parameter will be used to specify the public certificate')
+@description('If certificate type is \'owncert\', this parameter will be used to specify the public certificate in base64 format')
 param ownPublicCertificate string = ''
 
-@description('If certificate type is \'owncert\', this parameter will be used to specify the private certificate')
+@description('If certificate type is \'owncert\', this parameter will be used to specify the private certificate in base64 format')
 param ownPrivateCertificate string = ''
 
 @description('(Optional) Domain name for the TURN server with TLS. Only needed if your users are behind restrictive firewalls')
 param turnDomainName string = ''
 
-@description('(Optional) This setting is applicable if the certificate type is set to \'owncert\' and the TurnDomainName is specified.')
+@description('(Optional) This setting is applicable if the certificate type is set to \'owncert\' and the TurnDomainName is specified. Provide in base64 format.')
 param turnOwnPublicCertificate string = ''
 
-@description('(Optional) This setting is applicable if the certificate type is set to \'owncert\' and the TurnDomainName is specified.')
+@description('(Optional) This setting is applicable if the certificate type is set to \'owncert\' and the TurnDomainName is specified. Provide in base64 format.')
 param turnOwnPrivateCertificate string = ''
 
 @description('Initial password for the \'admin\' user in OpenVidu Meet. If not provided, a random password will be generated.')
@@ -295,14 +295,9 @@ elif [[ "${certificateType}" == "letsencrypt" ]]; then
     "--certificate-type=letsencrypt"
   )
 else
-  # Download owncert files
+  # Use base64 encoded certificates directly
-  mkdir -p /tmp/owncert
+  OWN_CERT_CRT=${ownPublicCertificate}
-  wget -O /tmp/owncert/fullchain.pem ${ownPublicCertificate}
+  OWN_CERT_KEY=${ownPrivateCertificate}
-  wget -O /tmp/owncert/privkey.pem ${ownPrivateCertificate}
-
-  # Convert to base64
-  OWN_CERT_CRT=$(base64 -w 0 /tmp/owncert/fullchain.pem)
-  OWN_CERT_KEY=$(base64 -w 0 /tmp/owncert/privkey.pem)
 
   CERT_ARGS=(
     "--certificate-type=owncert"
@@ -312,14 +307,9 @@ else
 
   # Turn with TLS and own certificate
   if [[ "${turnDomainName}" != '' ]]; then
-    # Download owncert files
+    # Use base64 encoded certificates directly
-    mkdir -p /tmp/owncert-turn
+    OWN_CERT_CRT_TURN=${turnOwnPublicCertificate}
-    wget -O /tmp/owncert-turn/fullchain.pem ${turnOwnPublicCertificate}
+    OWN_CERT_KEY_TURN=${turnOwnPrivateCertificate}
-    wget -O /tmp/owncert-turn/privkey.pem ${turnOwnPrivateCertificate}
-
-    # Convert to base64
-    OWN_CERT_CRT_TURN=$(base64 -w 0 /tmp/owncert-turn/fullchain.pem)
-    OWN_CERT_KEY_TURN=$(base64 -w 0 /tmp/owncert-turn/privkey.pem)
 
     CERT_ARGS+=(
       "--turn-owncert-private-key=$OWN_CERT_KEY_TURN"

openvidu-deployment/community/singlenode/azure/createUiDefinition.json

@@ -113,7 +113,7 @@
                             "name": "ownPublicCertificate",
                             "type": "Microsoft.Common.TextBox",
                             "label": "Own Public Certificate",
-                            "subLabel": "\nIf certificate type is 'owncert', this parameter will be used to specify the public certificate",
+                            "subLabel": "\nIf certificate type is 'owncert', this parameter will be used to specify the public certificate in base64 format",
                             "defaultValue": "",
                             "toolTip": "",
                             "constraints": {
@@ -134,7 +134,7 @@
                             "name": "ownPrivateCertificate",
                             "type": "Microsoft.Common.TextBox",
                             "label": "Own Private Certificate",
-                            "subLabel": "\nIf certificate type is 'owncert', this parameter will be used to specify the private certificate",
+                            "subLabel": "\nIf certificate type is 'owncert', this parameter will be used to specify the private certificate in base64 format",
                             "defaultValue": "",
                             "toolTip": "",
                             "constraints": {
@@ -356,7 +356,7 @@
                             "name": "turnOwnPublicCertificate",
                             "type": "Microsoft.Common.TextBox",
                             "label": "Turn Own Public Certificate",
-                            "subLabel": "\n(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified.",
+                            "subLabel": "\n(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified. Provide in base64 format.",
                             "defaultValue": "",
                             "toolTip": "",
                             "constraints": {
@@ -377,7 +377,7 @@
                             "name": "turnOwnPrivateCertificate",
                             "type": "Microsoft.Common.TextBox",
                             "label": "Turn Own Private Certificate",
-                            "subLabel": "\n(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified.",
+                            "subLabel": "\n(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified. Provide in base64 format.",
                             "defaultValue": "",
                             "toolTip": "",
                             "constraints": {

openvidu-deployment/community/singlenode/gcp/tf-gpc-openvidu-singlenode.tf

@@ -278,14 +278,9 @@ elif [[ "${var.certificateType}" == "letsencrypt" ]]; then
     "--certificate-type=letsencrypt"
   )
 else
-  # Download owncert files
+  # Use base64 encoded certificates directly
-  mkdir -p /tmp/owncert
+  OWN_CERT_CRT=${var.ownPublicCertificate}
-  wget -O /tmp/owncert/fullchain.pem ${var.ownPublicCertificate}
+  OWN_CERT_KEY=${var.ownPrivateCertificate}
-  wget -O /tmp/owncert/privkey.pem ${var.ownPrivateCertificate}
-
-  # Convert to base64
-  OWN_CERT_CRT=$(base64 -w 0 /tmp/owncert/fullchain.pem)
-  OWN_CERT_KEY=$(base64 -w 0 /tmp/owncert/privkey.pem)
   CERT_ARGS=(
     "--certificate-type=owncert"
     "--owncert-public-key=$OWN_CERT_CRT"
@@ -294,13 +289,9 @@ else
 
   # Turn with TLS and own certificate
   if [[ "${var.turnDomainName}" != '' ]]; then
-    # Download owncert files
+    # Use base64 encoded certificates directly
-    mkdir -p /tmp/owncert-turn
+    OWN_CERT_CRT_TURN=${var.turnOwnPublicCertificate}
-    wget -O /tmp/owncert-turn/fullchain.pem ${var.turnOwnPublicCertificate}
+    OWN_CERT_KEY_TURN=${var.turnOwnPrivateCertificate}
-    wget -O /tmp/owncert-turn/privkey.pem ${var.turnOwnPrivateCertificate}
-    # Convert to base64
-    OWN_CERT_CRT_TURN=$(base64 -w 0 /tmp/owncert-turn/fullchain.pem)
-    OWN_CERT_KEY_TURN=$(base64 -w 0 /tmp/owncert-turn/privkey.pem)
     CERT_ARGS+=(
       "--turn-owncert-private-key=$OWN_CERT_KEY_TURN"
       "--turn-owncert-public-key=$OWN_CERT_CRT_TURN"

openvidu-deployment/community/singlenode/gcp/variables.tf

@@ -54,13 +54,13 @@ variable "domainName" {
 }
 
 variable "ownPublicCertificate" {
-  description = "If certificate type is 'owncert', this parameter will be used to specify the public certificate"
+  description = "If certificate type is 'owncert', this parameter will be used to specify the public certificate in base64 format"
   type        = string
   default     = ""
 }
 
 variable "ownPrivateCertificate" {
-  description = "If certificate type is 'owncert', this parameter will be used to specify the private certificate"
+  description = "If certificate type is 'owncert', this parameter will be used to specify the private certificate in base64 format"
   type        = string
   default     = ""
 }
@@ -114,13 +114,13 @@ variable "turnDomainName" {
 }
 
 variable "turnOwnPublicCertificate" {
-  description = "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified."
+  description = "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified. Provide in base64 format."
   type        = string
   default     = ""
 }
 
 variable "turnOwnPrivateCertificate" {
-  description = "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified."
+  description = "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified. Provide in base64 format."
   type        = string
   default     = ""
 }

openvidu-deployment/pro/elastic/azure/cf-openvidu-elastic.bicep

@@ -19,19 +19,19 @@ param publicIpAddressObject object
 @description('Domain name for the OpenVidu Deployment. Blank will generate default domain')
 param domainName string = ''
 
-@description('If certificate type is \'owncert\', this parameter will be used to specify the public certificate')
+@description('If certificate type is \'owncert\', this parameter will be used to specify the public certificate in base64 format')
 param ownPublicCertificate string = ''
 
-@description('If certificate type is \'owncert\', this parameter will be used to specify the private certificate')
+@description('If certificate type is \'owncert\', this parameter will be used to specify the private certificate in base64 format')
 param ownPrivateCertificate string = ''
 
 @description('(Optional) Domain name for the TURN server with TLS. Only needed if your users are behind restrictive firewalls')
 param turnDomainName string = ''
 
-@description('(Optional) This setting is applicable if the certificate type is set to \'owncert\' and the TurnDomainName is specified.')
+@description('(Optional) This setting is applicable if the certificate type is set to \'owncert\' and the TurnDomainName is specified. Provide in base64 format.')
 param turnOwnPublicCertificate string = ''
 
-@description('(Optional) This setting is applicable if the certificate type is set to \'owncert\' and the TurnDomainName is specified.')
+@description('(Optional) This setting is applicable if the certificate type is set to \'owncert\' and the TurnDomainName is specified. Provide in base64 format.')
 param turnOwnPrivateCertificate string = ''
 
 @description('Visit https://openvidu.io/account')
@@ -384,14 +384,9 @@ elif [[ "${certificateType}" == "letsencrypt" ]]; then
     "--certificate-type=letsencrypt"
   )
 else
-  # Download owncert files
+  # Use base64 encoded certificates directly
-  mkdir -p /tmp/owncert
+  OWN_CERT_CRT=${ownPublicCertificate}
-  wget -O /tmp/owncert/fullchain.pem ${ownPublicCertificate}
+  OWN_CERT_KEY=${ownPrivateCertificate}
-  wget -O /tmp/owncert/privkey.pem ${ownPrivateCertificate}
-
-  # Convert to base64
-  OWN_CERT_CRT=$(base64 -w 0 /tmp/owncert/fullchain.pem)
-  OWN_CERT_KEY=$(base64 -w 0 /tmp/owncert/privkey.pem)
 
   CERT_ARGS=(
     "--certificate-type=owncert"
@@ -401,14 +396,9 @@ else
 
   # Turn with TLS and own certificate
   if [[ "${turnDomainName}" != '' ]]; then
-    # Download owncert files
+    # Use base64 encoded certificates directly
-    mkdir -p /tmp/owncert-turn
+    OWN_CERT_CRT_TURN=${turnOwnPublicCertificate}
-    wget -O /tmp/owncert-turn/fullchain.pem ${turnOwnPublicCertificate}
+    OWN_CERT_KEY_TURN=${turnOwnPrivateCertificate}
-    wget -O /tmp/owncert-turn/privkey.pem ${turnOwnPrivateCertificate}
-
-    # Convert to base64
-    OWN_CERT_CRT_TURN=$(base64 -w 0 /tmp/owncert-turn/fullchain.pem)
-    OWN_CERT_KEY_TURN=$(base64 -w 0 /tmp/owncert-turn/privkey.pem)
 
     CERT_ARGS+=(
       "--turn-owncert-private-key=$OWN_CERT_KEY_TURN"

openvidu-deployment/pro/elastic/azure/createUiDefinition.json

@@ -114,7 +114,7 @@
                             "name": "ownPublicCertificate",
                             "type": "Microsoft.Common.TextBox",
                             "label": "Own Public Certificate",
-                            "subLabel": "If certificate type is 'owncert', this parameter will be used to specify the public certificate",
+                            "subLabel": "If certificate type is 'owncert', this parameter will be used to specify the public certificate in base64 format",
                             "defaultValue": "",
                             "toolTip": "",
                             "constraints": {
@@ -135,7 +135,7 @@
                             "name": "ownPrivateCertificate",
                             "type": "Microsoft.Common.TextBox",
                             "label": "Own Private Certificate",
-                            "subLabel": "If certificate type is 'owncert', this parameter will be used to specify the private certificate",
+                            "subLabel": "If certificate type is 'owncert', this parameter will be used to specify the private certificate in base64 format",
                             "defaultValue": "",
                             "toolTip": "",
                             "constraints": {
@@ -530,7 +530,7 @@
                             "name": "turnOwnPublicCertificate",
                             "type": "Microsoft.Common.TextBox",
                             "label": "Turn Own Public Certificate",
-                            "subLabel": "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified.",
+                            "subLabel": "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified. Provide in base64 format.",
                             "defaultValue": "",
                             "toolTip": "",
                             "constraints": {
@@ -551,7 +551,7 @@
                             "name": "turnOwnPrivateCertificate",
                             "type": "Microsoft.Common.TextBox",
                             "label": "Turn Own Private Certificate",
-                            "subLabel": "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified.",
+                            "subLabel": "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified. Provide in base64 format.",
                             "defaultValue": "",
                             "toolTip": "",
                             "constraints": {

openvidu-deployment/pro/elastic/gcp/tf-gpc-openvidu-elastic.tf

@@ -761,14 +761,9 @@ elif [[ "${var.certificateType}" == "letsencrypt" ]]; then
     "--certificate-type=letsencrypt"
   )
 else
-  # Download owncert files
+  # Use base64 encoded certificates directly
-  mkdir -p /tmp/owncert
+  OWN_CERT_CRT=${var.ownPublicCertificate}
-  wget -O /tmp/owncert/fullchain.pem ${var.ownPublicCertificate}
+  OWN_CERT_KEY=${var.ownPrivateCertificate}
-  wget -O /tmp/owncert/privkey.pem ${var.ownPrivateCertificate}
-
-  # Convert to base64
-  OWN_CERT_CRT=$(base64 -w 0 /tmp/owncert/fullchain.pem)
-  OWN_CERT_KEY=$(base64 -w 0 /tmp/owncert/privkey.pem)
   CERT_ARGS=(
     "--certificate-type=owncert"
     "--owncert-public-key=$OWN_CERT_CRT"
@@ -777,13 +772,9 @@ else
 
   # Turn with TLS and own certificate
   if [[ "${var.turnDomainName}" != '' ]]; then
-    # Download owncert files
+    # Use base64 encoded certificates directly
-    mkdir -p /tmp/owncert-turn
+    OWN_CERT_CRT_TURN=${var.turnOwnPublicCertificate}
-    wget -O /tmp/owncert-turn/fullchain.pem ${var.turnOwnPublicCertificate}
+    OWN_CERT_KEY_TURN=${var.turnOwnPrivateCertificate}
-    wget -O /tmp/owncert-turn/privkey.pem ${var.turnOwnPrivateCertificate}
-    # Convert to base64
-    OWN_CERT_CRT_TURN=$(base64 -w 0 /tmp/owncert-turn/fullchain.pem)
-    OWN_CERT_KEY_TURN=$(base64 -w 0 /tmp/owncert-turn/privkey.pem)
     CERT_ARGS+=(
       "--turn-owncert-private-key=$OWN_CERT_KEY_TURN"
       "--turn-owncert-public-key=$OWN_CERT_CRT_TURN"

openvidu-deployment/pro/elastic/gcp/variables.tf

@@ -54,13 +54,13 @@ variable "domainName" {
 }
 
 variable "ownPublicCertificate" {
-  description = "If certificate type is 'owncert', this parameter will be used to specify the public certificate"
+  description = "If certificate type is 'owncert', this parameter will be used to specify the public certificate in base64 format"
   type        = string
   default     = ""
 }
 
 variable "ownPrivateCertificate" {
-  description = "If certificate type is 'owncert', this parameter will be used to specify the private certificate"
+  description = "If certificate type is 'owncert', this parameter will be used to specify the private certificate in base64 format"
   type        = string
   default     = ""
 }
@@ -160,13 +160,13 @@ variable "turnDomainName" {
 }
 
 variable "turnOwnPublicCertificate" {
-  description = "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified."
+  description = "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified. Provide in base64 format."
   type        = string
   default     = ""
 }
 
 variable "turnOwnPrivateCertificate" {
-  description = "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified."
+  description = "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified. Provide in base64 format."
   type        = string
   default     = ""
 }

openvidu-deployment/pro/ha/azure/cf-openvidu-ha.bicep

@@ -16,10 +16,10 @@ param certificateType string = 'letsencrypt'
 @description('Domain name for the OpenVidu Deployment.')
 param domainName string = ''
 
-@description('If certificate type is \'owncert\', this parameter will be used to specify the public certificate')
+@description('If certificate type is \'owncert\', this parameter will be used to specify the public certificate in base64 format')
 param ownPublicCertificate string = ''
 
-@description('If certificate type is \'owncert\', this parameter will be used to specify the private certificate')
+@description('If certificate type is \'owncert\', this parameter will be used to specify the private certificate in base64 format')
 param ownPrivateCertificate string = ''
 
 @description('Name of the PublicIPAddress resource in Azure when using certificateType \'owncert\' or \'letsencrypt\'')
@@ -28,10 +28,10 @@ param publicIpAddressObject object
 @description('(Optional) Domain name for the TURN server with TLS. Only needed if your users are behind restrictive firewalls')
 param turnDomainName string = ''
 
-@description('(Optional) This setting is applicable if the certificate type is set to \'owncert\' and the TurnDomainName is specified.')
+@description('(Optional) This setting is applicable if the certificate type is set to \'owncert\' and the TurnDomainName is specified. Provide in base64 format.')
 param turnOwnPublicCertificate string = ''
 
-@description('(Optional) This setting is applicable if the certificate type is set to \'owncert\' and the TurnDomainName is specified.')
+@description('(Optional) This setting is applicable if the certificate type is set to \'owncert\' and the TurnDomainName is specified. Provide in base64 format.')
 param turnOwnPrivateCertificate string = ''
 
 @description('Visit https://openvidu.io/account')
@@ -521,14 +521,9 @@ elif [[ "${certificateType}" == "letsencrypt" ]]; then
     "--certificate-type=letsencrypt"
   )
 else
-  # Download owncert files
+  # Use base64 encoded certificates directly
-  mkdir -p /tmp/owncert
+  OWN_CERT_CRT=${ownPublicCertificate}
-  wget -O /tmp/owncert/fullchain.pem ${ownPublicCertificate}
+  OWN_CERT_KEY=${ownPrivateCertificate}
-  wget -O /tmp/owncert/privkey.pem ${ownPrivateCertificate}
-
-  # Convert to base64
-  OWN_CERT_CRT=$(base64 -w 0 /tmp/owncert/fullchain.pem)
-  OWN_CERT_KEY=$(base64 -w 0 /tmp/owncert/privkey.pem)
 
   CERT_ARGS=(
     "--certificate-type=owncert"
@@ -538,14 +533,9 @@ else
 
   # Turn with TLS and own certificate
   if [[ "${turnDomainName}" != '' ]]; then
-    # Download owncert files
+    # Use base64 encoded certificates directly
-    mkdir -p /tmp/owncert-turn
+    OWN_CERT_CRT_TURN=${turnOwnPublicCertificate}
-    wget -O /tmp/owncert-turn/fullchain.pem ${turnOwnPublicCertificate}
+    OWN_CERT_KEY_TURN=${turnOwnPrivateCertificate}
-    wget -O /tmp/owncert-turn/privkey.pem ${turnOwnPrivateCertificate}
-
-    # Convert to base64
-    OWN_CERT_CRT_TURN=$(base64 -w 0 /tmp/owncert-turn/fullchain.pem)
-    OWN_CERT_KEY_TURN=$(base64 -w 0 /tmp/owncert-turn/privkey.pem)
 
     CERT_ARGS+=(
       "--turn-owncert-private-key=$OWN_CERT_KEY_TURN"

openvidu-deployment/pro/ha/azure/createUiDefinition.json

@@ -114,7 +114,7 @@
                             "name": "ownPublicCertificate",
                             "type": "Microsoft.Common.TextBox",
                             "label": "Own Public Certificate",
-                            "subLabel": "If certificate type is 'owncert', this parameter will be used to specify the public certificate",
+                            "subLabel": "If certificate type is 'owncert', this parameter will be used to specify the public certificate in base64 format",
                             "defaultValue": "",
                             "toolTip": "",
                             "constraints": {
@@ -135,7 +135,7 @@
                             "name": "ownPrivateCertificate",
                             "type": "Microsoft.Common.TextBox",
                             "label": "Own Private Certificate",
-                            "subLabel": "If certificate type is 'owncert', this parameter will be used to specify the private certificate",
+                            "subLabel": "If certificate type is 'owncert', this parameter will be used to specify the private certificate in base64 format",
                             "defaultValue": "",
                             "toolTip": "",
                             "constraints": {
@@ -545,7 +545,7 @@
                             "name": "turnOwnPublicCertificate",
                             "type": "Microsoft.Common.TextBox",
                             "label": "Turn Own Public Certificate",
-                            "subLabel": "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified.",
+                            "subLabel": "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified. Provide in base64 format.",
                             "defaultValue": "",
                             "toolTip": "",
                             "constraints": {
@@ -566,7 +566,7 @@
                             "name": "turnOwnPrivateCertificate",
                             "type": "Microsoft.Common.TextBox",
                             "label": "Turn Own Private Certificate",
-                            "subLabel": "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified.",
+                            "subLabel": "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified. Provide in base64 format.",
                             "defaultValue": "",
                             "toolTip": "",
                             "constraints": {

openvidu-deployment/pro/ha/gcp/tf-gpc-openvidu-ha.tf

@@ -1146,14 +1146,9 @@ elif [[ "${var.certificateType}" == "letsencrypt" ]]; then
     "--certificate-type=letsencrypt"
   )
 else
-  # Download owncert files
+  # Use base64 encoded certificates directly
-  mkdir -p /tmp/owncert
+  OWN_CERT_CRT=${var.ownPublicCertificate}
-  wget -O /tmp/owncert/fullchain.pem ${var.ownPublicCertificate}
+  OWN_CERT_KEY=${var.ownPrivateCertificate}
-  wget -O /tmp/owncert/privkey.pem ${var.ownPrivateCertificate}
-
-  # Convert to base64
-  OWN_CERT_CRT=$(base64 -w 0 /tmp/owncert/fullchain.pem)
-  OWN_CERT_KEY=$(base64 -w 0 /tmp/owncert/privkey.pem)
 
   CERT_ARGS=(
     "--certificate-type=owncert"
@@ -1163,14 +1158,9 @@ else
 
   # Turn with TLS and own certificate
   if [[ "${var.turnDomainName}" != '' ]]; then
-    # Download owncert files
+    # Use base64 encoded certificates directly
-    mkdir -p /tmp/owncert-turn
+    OWN_CERT_CRT_TURN=${var.turnOwnPublicCertificate}
-    wget -O /tmp/owncert-turn/fullchain.pem ${var.turnOwnPublicCertificate}
+    OWN_CERT_KEY_TURN=${var.turnOwnPrivateCertificate}
-    wget -O /tmp/owncert-turn/privkey.pem ${var.turnOwnPrivateCertificate}
-
-    # Convert to base64
-    OWN_CERT_CRT_TURN=$(base64 -w 0 /tmp/owncert-turn/fullchain.pem)
-    OWN_CERT_KEY_TURN=$(base64 -w 0 /tmp/owncert-turn/privkey.pem)
 
     CERT_ARGS+=(
       "--turn-owncert-private-key=$OWN_CERT_KEY_TURN"

openvidu-deployment/pro/ha/gcp/variables.tf

@@ -54,13 +54,13 @@ variable "domainName" {
 }
 
 variable "ownPublicCertificate" {
-  description = "If certificate type is 'owncert', this parameter will be used to specify the public certificate"
+  description = "If certificate type is 'owncert', this parameter will be used to specify the public certificate in base64 format"
   type        = string
   default     = ""
 }
 
 variable "ownPrivateCertificate" {
-  description = "If certificate type is 'owncert', this parameter will be used to specify the private certificate"
+  description = "If certificate type is 'owncert', this parameter will be used to specify the private certificate in base64 format"
   type        = string
   default     = ""
 }
@@ -176,13 +176,13 @@ variable "turnDomainName" {
 }
 
 variable "turnOwnPublicCertificate" {
-  description = "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified."
+  description = "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified. Provide in base64 format."
   type        = string
   default     = ""
 }
 
 variable "turnOwnPrivateCertificate" {
-  description = "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified."
+  description = "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified. Provide in base64 format."
   type        = string
   default     = ""
 }

openvidu-deployment/pro/singlenode/azure/cf-openvidu-singlenode.bicep

@@ -19,10 +19,10 @@ param publicIpAddressObject object
 @description('Domain name for the OpenVidu Deployment. Blank will generate default domain')
 param domainName string = ''
 
-@description('If certificate type is \'owncert\', this parameter will be used to specify the public certificate')
+@description('If certificate type is \'owncert\', this parameter will be used to specify the public certificate in base64 format')
 param ownPublicCertificate string = ''
 
-@description('If certificate type is \'owncert\', this parameter will be used to specify the private certificate')
+@description('If certificate type is \'owncert\', this parameter will be used to specify the private certificate in base64 format')
 param ownPrivateCertificate string = ''
 
 @description('Initial password for the \'admin\' user in OpenVidu Meet. If not provided, a random password will be generated.')
@@ -36,10 +36,10 @@ param initialMeetApiKey string = ''
 @description('(Optional) Domain name for the TURN server with TLS. Only needed if your users are behind restrictive firewalls')
 param turnDomainName string = ''
 
-@description('(Optional) This setting is applicable if the certificate type is set to \'owncert\' and the TurnDomainName is specified.')
+@description('(Optional) This setting is applicable if the certificate type is set to \'owncert\' and the TurnDomainName is specified. Provide in base64 format.')
 param turnOwnPublicCertificate string = ''
 
-@description('(Optional) This setting is applicable if the certificate type is set to \'owncert\' and the TurnDomainName is specified.')
+@description('(Optional) This setting is applicable if the certificate type is set to \'owncert\' and the TurnDomainName is specified. Provide in base64 format.')
 param turnOwnPrivateCertificate string = ''
 
 @description('Visit https://openvidu.io/account')
@@ -309,14 +309,9 @@ elif [[ "${certificateType}" == "letsencrypt" ]]; then
     "--certificate-type=letsencrypt"
   )
 else
-  # Download owncert files
+  # Use base64 encoded certificates directly
-  mkdir -p /tmp/owncert
+  OWN_CERT_CRT=${ownPublicCertificate}
-  wget -O /tmp/owncert/fullchain.pem ${ownPublicCertificate}
+  OWN_CERT_KEY=${ownPrivateCertificate}
-  wget -O /tmp/owncert/privkey.pem ${ownPrivateCertificate}
-
-  # Convert to base64
-  OWN_CERT_CRT=$(base64 -w 0 /tmp/owncert/fullchain.pem)
-  OWN_CERT_KEY=$(base64 -w 0 /tmp/owncert/privkey.pem)
 
   CERT_ARGS=(
     "--certificate-type=owncert"
@@ -326,14 +321,9 @@ else
 
   # Turn with TLS and own certificate
   if [[ "${turnDomainName}" != '' ]]; then
-    # Download owncert files
+    # Use base64 encoded certificates directly
-    mkdir -p /tmp/owncert-turn
+    OWN_CERT_CRT_TURN=${turnOwnPublicCertificate}
-    wget -O /tmp/owncert-turn/fullchain.pem ${turnOwnPublicCertificate}
+    OWN_CERT_KEY_TURN=${turnOwnPrivateCertificate}
-    wget -O /tmp/owncert-turn/privkey.pem ${turnOwnPrivateCertificate}
-
-    # Convert to base64
-    OWN_CERT_CRT_TURN=$(base64 -w 0 /tmp/owncert-turn/fullchain.pem)
-    OWN_CERT_KEY_TURN=$(base64 -w 0 /tmp/owncert-turn/privkey.pem)
 
     CERT_ARGS+=(
       "--turn-owncert-private-key=$OWN_CERT_KEY_TURN"

openvidu-deployment/pro/singlenode/azure/createUiDefinition.json

@@ -113,7 +113,7 @@
                             "name": "ownPublicCertificate",
                             "type": "Microsoft.Common.TextBox",
                             "label": "Own Public Certificate",
-                            "subLabel": "\nIf certificate type is 'owncert', this parameter will be used to specify the public certificate",
+                            "subLabel": "\nIf certificate type is 'owncert', this parameter will be used to specify the public certificate in base64 format",
                             "defaultValue": "",
                             "toolTip": "",
                             "constraints": {
@@ -134,7 +134,7 @@
                             "name": "ownPrivateCertificate",
                             "type": "Microsoft.Common.TextBox",
                             "label": "Own Private Certificate",
-                            "subLabel": "\nIf certificate type is 'owncert', this parameter will be used to specify the private certificate",
+                            "subLabel": "\nIf certificate type is 'owncert', this parameter will be used to specify the private certificate in base64 format",
                             "defaultValue": "",
                             "toolTip": "",
                             "constraints": {
@@ -406,7 +406,7 @@
                             "name": "turnOwnPublicCertificate",
                             "type": "Microsoft.Common.TextBox",
                             "label": "Turn Own Public Certificate",
-                            "subLabel": "\n(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified.",
+                            "subLabel": "\n(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified. Provide in base64 format.",
                             "defaultValue": "",
                             "toolTip": "",
                             "constraints": {
@@ -427,7 +427,7 @@
                             "name": "turnOwnPrivateCertificate",
                             "type": "Microsoft.Common.TextBox",
                             "label": "Turn Own Private Certificate",
-                            "subLabel": "\n(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified.",
+                            "subLabel": "\n(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified. Provide in base64 format.",
                             "defaultValue": "",
                             "toolTip": "",
                             "constraints": {

openvidu-deployment/pro/singlenode/gcp/tf-gpc-openvidu-singlenode.tf

@@ -277,14 +277,9 @@ elif [[ "${var.certificateType}" == "letsencrypt" ]]; then
     "--certificate-type=letsencrypt"
   )
 else
-  # Download owncert files
+  # Use base64 encoded certificates directly
-  mkdir -p /tmp/owncert
+  OWN_CERT_CRT=${var.ownPublicCertificate}
-  wget -O /tmp/owncert/fullchain.pem ${var.ownPublicCertificate}
+  OWN_CERT_KEY=${var.ownPrivateCertificate}
-  wget -O /tmp/owncert/privkey.pem ${var.ownPrivateCertificate}
-
-  # Convert to base64
-  OWN_CERT_CRT=$(base64 -w 0 /tmp/owncert/fullchain.pem)
-  OWN_CERT_KEY=$(base64 -w 0 /tmp/owncert/privkey.pem)
   CERT_ARGS=(
     "--certificate-type=owncert"
     "--owncert-public-key=$OWN_CERT_CRT"
@@ -293,13 +288,9 @@ else
 
   # Turn with TLS and own certificate
   if [[ "${var.turnDomainName}" != '' ]]; then
-    # Download owncert files
+    # Use base64 encoded certificates directly
-    mkdir -p /tmp/owncert-turn
+    OWN_CERT_CRT_TURN=${var.turnOwnPublicCertificate}
-    wget -O /tmp/owncert-turn/fullchain.pem ${var.turnOwnPublicCertificate}
+    OWN_CERT_KEY_TURN=${var.turnOwnPrivateCertificate}
-    wget -O /tmp/owncert-turn/privkey.pem ${var.turnOwnPrivateCertificate}
-    # Convert to base64
-    OWN_CERT_CRT_TURN=$(base64 -w 0 /tmp/owncert-turn/fullchain.pem)
-    OWN_CERT_KEY_TURN=$(base64 -w 0 /tmp/owncert-turn/privkey.pem)
     CERT_ARGS+=(
       "--turn-owncert-private-key=$OWN_CERT_KEY_TURN"
       "--turn-owncert-public-key=$OWN_CERT_CRT_TURN"

openvidu-deployment/pro/singlenode/gcp/variables.tf

@@ -54,13 +54,13 @@ variable "domainName" {
 }
 
 variable "ownPublicCertificate" {
-  description = "If certificate type is 'owncert', this parameter will be used to specify the public certificate"
+  description = "If certificate type is 'owncert', this parameter will be used to specify the public certificate in base64 format"
   type        = string
   default     = ""
 }
 
 variable "ownPrivateCertificate" {
-  description = "If certificate type is 'owncert', this parameter will be used to specify the private certificate"
+  description = "If certificate type is 'owncert', this parameter will be used to specify the private certificate in base64 format"
   type        = string
   default     = ""
 }
@@ -130,13 +130,13 @@ variable "turnDomainName" {
 }
 
 variable "turnOwnPublicCertificate" {
-  description = "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified."
+  description = "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified. Provide in base64 format."
   type        = string
   default     = ""
 }
 
 variable "turnOwnPrivateCertificate" {
-  description = "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified."
+  description = "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified. Provide in base64 format."
   type        = string
   default     = ""
 }