[Icecast] SSL Cert Woes
andy.speagle at wichita.edu
Mon Aug 28 13:46:58 UTC 2017
> El vie, 25-08-2017 a las 16:49 +0000, Speagle, Andy escribió:
> > Hi Folks,
> > I’m having a problem getting a the SSL cert file formatted just like
> > icecast wants… I’m running 2.4.2 … and it doesn’t seem to want to use
> > my combined key + cert chain no matter in what order I put it.
> > Presently, I have it in this format.. with spaces between each
> > key/cert…
> > KEY
> > CERTCHAIN-1
> > CERTCHAIN-2
> > CERTCHAIN-3
> > MYCERT
> > And… well… not sure what else to do here. I have the file owned by
> > icecast:icecast … and … it should be readable in its present location…
> > so, not sure what else would be wrong.
> Firtsly, what operative system are you running ?. On Debian GNU/Linux user
> icecast2 and group icecast, then icecast2:icecast.
I'm on RHEL 7, so the user/group is icecast:icecast ...
> Secondly, check the Icecast2's error.log looking about SSL or TLS capability.
> On Debian GNU/Linux /var/log/icecast2/error.log.
From the log, I get a simple:
WARN connection/get_ssl_certificate Invalid cert file <my cert filepath>
INFO connection/get_ssl_certificate No SSL capability on any configured ports
So... not sure what else I can do here... using simple openssl verify commands I can see that the cert chain is valid...
More information about the Icecast