Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Icecast 2 and SSL

I am trying to make work icecast 2 and my letsencrypt SSL with no luck. So far what I did is built icecast 2 with openssl support and I also made it run but it always give the next error in the log file.

[2018-03-15  12:48:21] WARN connection/get_ssl_certificate Invalid private key file /usr/local/icecast/share/fullchain.pem
[2018-03-15  12:48:21] INFO connection/get_ssl_certificate No SSL capability on any configured ports

I have set these cert files readable by user: richard and of course I am also running the server itself with the richard user.

Maybe you have any idea what is wrong?

You may also see my config file here:

  <listen-socket>
        <port>8443</port>
        <ssl>1</ssl>
  </listen-socket>

In the path section I have set the ssl-certificate part to the SSL.

 <ssl-certificate>/usr/local/icecast/share/icecast/fullchain.pem</ssl-certificate>

Nothing so far. The server itself is starting on the port, however when visiting it through https:// it just doesn't load. with http:// the port (8443) works fine.

Any help appricated.

like image 900
Marcell Avatar asked Mar 15 '18 12:03

Marcell


People also ask

What ports does Icecast use?

The first listen-socket block shows how to make Icecast listen on port 8000, and additionally specifies a <bind-address> , which limits this port to only listen for connections from this address.

How does Icecast work?

A Source Client (i.e. IceS, RoarAudio, …) connects to a mountpoint on the Icecast server and sends audio or video data to it. Listeners connect to the mountpoint and Icecast send the stream to them. The Icecast server will be the place where all listeners of your stream will connect.

Can Icecast stream video?

Icecast is a streaming server, which can stream audio (and video) to listeners/viewers.

What is Icecast mount point?

The Basics. Each Icecast server can house multiple broadcasts (or mountpoints) each containing a separate stream of content. A 'mountpoint' is a unique name on your server identifying a particular stream - it looks like a filename, such as '/stream. ogg'. A listener can only listen to a single mountpoint at a time.


1 Answers

Actually, I solved the issue myself.

The problem was the SSL not the configurations. Seems the LetsEncrypt SSL that is generated (fullchain.pem) is not working correctly. So instead of using that, I have copied the content from cert.pem and privkey.pem and made a new file named icecast.pem and pasted both into one. (first cert and then the privkey) and now everything is works fine and secure!

I am a genius!!!

like image 52
Marcell Avatar answered Oct 02 '22 12:10

Marcell