[Icecast] SSL-Question
Paul Martin
pm at nowster.me.uk
Mon Jun 22 21:25:08 UTC 2020
On Mon, Jun 22, 2020 at 05:14:48PM +0200, Ervin Bizjak wrote:
> file ca_bundle.crt:
> -----BEGIN CERTIFICATE-----
> MIIG1TCCBL2gAwIBAgIQbFWr29AHksedBwzYEZ7WvzANBgkqhkiG9w0BAQwFADCB
> iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
>
> file: certificate.crt:
> -----BEGIN CERTIFICATE-----
> MIIGfjCCBGagAwIBAgIRAPqeon+kOZ6aXWx4AImqAQwwDQYJKoZIhvcNAQEMBQAw
> SzELMAkGA1UEBhMCQVQxEDAOBgNVBAoTB1plcm9TU0wxKjAoBgNVBAMTIVplcm9T
>
> file: private.key:
> -----BEGIN RSA PRIVATE KEY-----
> MIIEogIBAAKCAQEAkCUP/iQJgZ2HVgA/o6LRjRfiHgr2/yWxCTwS24vBpxepKEJZ
> m/smYD3livDhXID3fjI9vJPnPkCgr9u6G63yqt41DK6fZ5ojnbJXD88SykRMP/Cs
Run...
cat certificate.crt ca_bundle.crt private.key >icecast.pem
and change the ownership and permissions of the icecast.pem file so
that only the icecast server software can read it.
Then, in icecast.xml's "<paths>" block, add:
<ssl-certificate>/etc/icecast2/icecast.pem</ssl-certificate>
Changing the file path to point to where you've put the icecast.pem
file.
--
Paul Martin <pm at nowster.me.uk>
More information about the Icecast
mailing list