[Icecast] How do I combine my ssl certs?

Robert Chalmers racuk12 at gmail.com
Tue Mar 6 15:23:16 UTC 2018


Walter,
Very nice. Compiles out of the box on the Mac Sierra. (Mac Mini) and seems to run without issues. Not much in the log files. Few warnings but nothing major.
Most excellent - thanks. And here’s me thinking my week was done…  
I haven’t done a make install yet for obvious reasons. Just ran it out of it’s make directory. I want to be sure I see where it will install it’s bits. So a little bit of investigation yet.

Thanks again for the pointers to the version.

Robert

> On 6 Mar 2018, at 14:47, Walter York <walteryork at hotmail.com> wrote:
> 
> Robert,
> 
> There is a github repo that will create and then another script to renew your Let's Encrypt Certs for Icecast.  The commands are well documented to help you customize for your specific implementation.
> 
> The Repo is here:
> https://github.com/amavarick/letsencrypt_certbot_standalone_icecast <https://github.com/amavarick/letsencrypt_certbot_standalone_icecast>
> 
> The commands to concatenate the certs are:
> #Replace domain.tld for the name of your domain as setup in Let's Encrypt.
> #Append FullChain to Icecast certificate
> cat /etc/letsencrypt/live/domain.tld/fullchain.pem > /usr/share/icecast/ssl/domain.tld.pem
> #Append privkey to Icecast certificate
> cat /etc/letsencrypt/live/domain.tld/privkey.pem >> /usr/share/icecast/ssl/domain.tld.pem
> 
> I ended up moving to Icecast-KH because they don not require combined certificates, it handles encryption much better as you can use the same port for both http and https and other encryption improvements that make it better than icecast.
> 
> From: Icecast <icecast-bounces at xiph.org> on behalf of Robert Chalmers <racuk12 at gmail.com>
> Sent: Monday, March 5, 2018 5:58 AM
> To: icecast at xiph.org
> Subject: [Icecast] How do I combine my ssl certs?
>  
> 
> I have https/ssl on my site ok, but it uses two certificates from letsencrypt which renew automatically every three months.
> However - Icecase says.
> 
> ssl-certificate
> If specified, this points to the location of a file that contains both the X.509 private and public key. This is required for HTTPS support to be enabled. Please note that the user Icecast is running as must be able to read the file. Failing to ensure this will cause a “Invalid cert file” WARN message, just as if the file wasn’t there.
> 
> So what is meant here. How do I combine my keys into a file to satisfy this?
> 
> Thanks
> Robert
> _______________________________________________
> Icecast mailing list
> Icecast at xiph.org <mailto:Icecast at xiph.org>
> http://lists.xiph.org/mailman/listinfo/icecast <http://lists.xiph.org/mailman/listinfo/icecast>
> Icecast Info Page - Xiph.Org Foundation <http://lists.xiph.org/mailman/listinfo/icecast>
> lists.xiph.org <http://lists.xiph.org/>
> While this list and IRC are preferred for user support. There is also a web forum for user support. See icecast.org <http://icecast.org/> for links. To see the collection of prior postings ...
> 
> 
> _______________________________________________
> Icecast mailing list
> Icecast at xiph.org <mailto:Icecast at xiph.org>
> http://lists.xiph.org/mailman/listinfo/icecast <http://lists.xiph.org/mailman/listinfo/icecast>
Robert Chalmers
https://robert-chalmers.uk
author at robert-chalmers.uk
@R_A_Chalmers

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xiph.org/pipermail/icecast/attachments/20180306/00c97a62/attachment.html>


More information about the Icecast mailing list