[Icecast] Having icecast SSL connection problem

Zernick, John John.Zernick at ideastream.org
Fri Sep 22 16:50:50 UTC 2017 

I have been trying to get icecast 2.4.2 to stream with ssl to https. But so far I have had no luck.

I am running Ubuntu 16.04 and the regular stream is working properly over port 80. I want to stream securely over port 443. I need to use 443 because of network rules here. I can view the Icecast2 Status pages and listen to a stream, but once I add https:// I get 'Secure Connection Failed' on Firefox and 'This site can’t be reached' from Chrome. Both can view and stream non-ssl content.

I have tried both a Digicert and a self-signed cert. I have followed the pem rules from Digicert. I have set the permissions to the user Icecast2 from the group Icecast. I have read almost everything on this and I have tried Walter York's instructions to pre-install a number of packages that icecast needs to successfully enable ssl. I have placed the cert files in the same directory as the icecast.xml file. Here are the details regarding the ssl portions of the XML config file.

...
    <!-- You may have multiple <listener> elements -->
    <listen-socket>
        <port>80</port>
        <!-- <shoutcast-mount>/stream</shoutcast-mount> -->
    </listen-socket>

    <listen-socket>
        <port>443</port>
        <ssl>1</ssl>
    </listen-socket>
...
    <paths>

        <!-- The certificate file needs to contain both public and private part.
             Both should be PEM encoded. -->
        <ssl-certificate>/etc/icecast2/icecast2_new.pem</ssl-certificate>
...

So, there you have it. The only anomaly with the set up was that when the VMWare instance of the site started it was running dhcp and I struggled to wrestle control away from it. And I was never able to get eth0 to work so I used same interface name that dhcp used 'ens160'.

Any and all suggestions, recommendation, ideas, and solutions would be greatly appreciated.

Thanks,  --John



 John Zernick | Senior Systems Administrator (Web)| D: (216) 916-6472 | F: (216) 916-6473<http://www.ideastream.org>

 Idea Center | 1375 Euclid | Cleveland OH 44115



 [ideastream]

 The mission of ideastream is to strengthen our communities

 Follow us on Facebook<http://www.ideastream.org/engage/facebook> and Twitter<http://www.ideastream.org/engage/twitter>

 Explore what you love, discover even more at ideastream.org<http://www.ideastream.org>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xiph.org/pipermail/icecast/attachments/20170922/d32eb4a6/attachment.htm>

More information about the Icecast mailing list