[Icecast] Icecast Over ssl
Xabier Oneca -- xOneca
xoneca+icecast at gmail.com
Thu Dec 18 22:24:37 UTC 2014
Hello,
El 18/12/2014 22:52, Thomas B. Rücker <thomas at ruecker.fi> escribió:
>
> On 12/18/2014 09:43 PM, Xabier Oneca -- xOneca wrote:
> >
> > Hi Thomas,
> >
> > El 18/12/2014 22:25, Thomas B. Rücker <thomas at ruecker.fi
> > <mailto:thomas at ruecker.fi>> escribió:
> > >
> > > On 12/18/2014 08:54 PM, Xabier Oneca -- xOneca wrote:
> > >>
> > >> Hello, Thomas,
> > >>
> > >> El 18/12/2014 21:35, Thomas B. Rücker <thomas at ruecker.fi
> > <mailto:thomas at ruecker.fi>> escribió:
> > >> >
> > >> > On 12/18/2014 08:29 PM, Xabier Oneca -- xOneca wrote:
> > >> > >
> > >> > > Hello Daelynn,
> > >> > >
> > >> > > Icecast doesn't have SSL support, but you can try with stunnel. I
> > >> > > haven't tried it with Icecast, but it should work. I have stunnel
> > >> > > working with other services, though, and works like a charm!
> > >> > >
> > >> > That's bull...
> > >> > see my other reply.
> > >>
> > >> Sorry! I wanted to say I didn't know it it had support. I don't
> > know why I've written that! :S
> > >>
> > >> That's what happens by replying with my mind in other things, I
> > suppose...
> > >
> > >
> > > No worries, now you know. :-)
> > >
> > >
> > >
> > >> > TBR
> > >> > >
> > >> > > HTH,
> > >> > >
> > >> > > Xabier Oneca_,,_
> > >> > >
> > >> > > El 18/12/2014 21:15, "Daelynn Baudais" <daelynn.baudais at shaw.ca
> > <mailto:daelynn.baudais at shaw.ca>
> > >> > > <mailto:daelynn.baudais at shaw.ca
> > <mailto:daelynn.baudais at shaw.ca>>> escribió:
> > >> > >
> > >> > > Hi,
> > >> > >
> > >> > >
> > >> > >
> > >> > > Can the Icecast stream be served over an ssl (https)
> > connection?
> > >> > >
> > >> > > If so, can you please tell me how to accomplish this?
> > >> > >
> > >> > >
> > >> > >
> > >> > > Thanks,
> > >> > >
> > >> > > Daelynn.
> > >>
> > >> Sorry again and cheers!
> > >>
> > >> Xabier Oneca_,,_
> > >
> > >
> > > Don't sweat it, just wanted to be sure people don't pick up the
> > stunnel idea as it's a rather problematic workaround.
> >
> > So, Icecast + stunnel is not a good idea?
> >
>
> For starters you lose the ability to see the IP of your clients in
Icecast.
True. Didn't think on this one.
> Also all dynamic content likely will generate for something different
> (although the same problem might currently exist with Icecast, it would
> be reasonable to fix as Icecast is aware of a connection on a SSL socket
> as opposed to plain TCP).
>
> > I prefer using 'native' SSL support, but when there isn't, I am very
> > happy using stunnel.
> >
> Yes, it is OK as a work-around. It comes at certain inconveniences that
> need to be weighed.
I don't know if there's a previous discussion about this in the list, but
this is very interesting to have.
Now that Mozilla is going to give away signed certs for free, this gains
interest.
>
> Cheers
>
> Thomas
Cheers,
Xabier Oneca_,,_
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xiph.org/pipermail/icecast/attachments/20141218/de0f2c8b/attachment.htm>
More information about the Icecast
mailing list