Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Icecast 2 and SSL

Tags:

linux

ssl

openssl

icecast

I am trying to make work icecast 2 and my letsencrypt SSL with no luck. So far what I did is built icecast 2 with openssl support and I also made it run but it always give the next error in the log file.

[2018-03-15  12:48:21] WARN connection/get_ssl_certificate Invalid private key file /usr/local/icecast/share/fullchain.pem
[2018-03-15  12:48:21] INFO connection/get_ssl_certificate No SSL capability on any configured ports

I have set these cert files readable by user: richard and of course I am also running the server itself with the richard user.

Maybe you have any idea what is wrong?

You may also see my config file here:

  <listen-socket>
        <port>8443</port>
        <ssl>1</ssl>
  </listen-socket>

In the path section I have set the ssl-certificate part to the SSL.

 <ssl-certificate>/usr/local/icecast/share/icecast/fullchain.pem</ssl-certificate>

Nothing so far. The server itself is starting on the port, however when visiting it through https:// it just doesn't load. with http:// the port (8443) works fine.

Any help appricated.

like image 900
Marcell Avatar asked Mar 15 '18 12:03

Marcell

People also ask

What ports does Icecast use?

The first listen-socket block shows how to make Icecast listen on port 8000, and additionally specifies a <bind-address> , which limits this port to only listen for connections from this address.

How does Icecast work?

A Source Client (i.e. IceS, RoarAudio, …) connects to a mountpoint on the Icecast server and sends audio or video data to it. Listeners connect to the mountpoint and Icecast send the stream to them. The Icecast server will be the place where all listeners of your stream will connect.

Can Icecast stream video?

Icecast is a streaming server, which can stream audio (and video) to listeners/viewers.

What is Icecast mount point?

The Basics. Each Icecast server can house multiple broadcasts (or mountpoints) each containing a separate stream of content. A 'mountpoint' is a unique name on your server identifying a particular stream - it looks like a filename, such as '/stream. ogg'. A listener can only listen to a single mountpoint at a time.

1 Answers

Actually, I solved the issue myself.

The problem was the SSL not the configurations. Seems the LetsEncrypt SSL that is generated (fullchain.pem) is not working correctly. So instead of using that, I have copied the content from cert.pem and privkey.pem and made a new file named icecast.pem and pasted both into one. (first cert and then the privkey) and now everything is works fine and secure!

I am a genius!!!

like image 52
Marcell Avatar answered Oct 02 '22 12:10

Marcell
Sign in to Comment

Related questions

OSTYPE not available in shell script
Can SO_REUSEPORT be used on Unix domain sockets?
boost_log example with sinks fails to compile
SEH Equivalent in Linux or How do I handle OS Signals (like SIGSERV) and yet keep continuing
Ansible: Check if service is listening on a specific port
How do I trace a system call in Linux?
Access mongo shell running in docker container in linux script
How to launch a process outside a systemd control group
Laravel 5 not getting any error logs
Why is there a size mismatch between structures and unions?
JVM crashed in java.util.zip.ZipFile.getEntry
Run dnsmasq as DHCP server from inside a Docker container
How to be able to "move" all necessary libraries that a script requires when moving to a new machine
docker run hello-world still fails, permission denied
git clone GnuTLS recv error (-9): A TLS packet with unexpected length was received [duplicate]
How to know the name and/or path of the debug symbol file which is linked to a binary executable?
What is a 'slot' in sd-bus (C language)
postgres users can login with any or no password
unit falling into a failed state (status=143) when stopping service [closed]
Why gdb cannot find ../sysdeps/unix/sysv/linux/ifaddrs.c

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!