[Icecast] Secure Connection Failed

John j_p_waterhouse at hotmail.com
Sun Jan 7 16:41:17 UTC 2024


Hello,

I hope this question hasn't been asked and answered too often before.

I have installed Icecast and have it working. I'm now trying to make it work with https. I've configured it as per instructions - at least, I believe I have - and when it try to connect to it, I get an error page that says:


Secure Connection Failed

An error occurred during a connection to www.<my domain>.com:8000. Cannot communicate securely with peer: no common encryption algorithm(s).

Error code: SSL_ERROR_NO_CYPHER_OVERLAP


This is my current icecast.xml


<icecast>
    <limits>
        <clients>100</clients>
        <sources>2</sources>
        <threadpool>5</threadpool>
        <queue-size>524288</queue-size>
        <client-timeout>30</client-timeout>
        <header-timeout>15</header-timeout>
        <source-timeout>10</source-timeout>
        <burst-on-connect>1</burst-on-connect>
        <burst-size>65535</burst-size>
    </limits>

    <authentication>
        <source-password>ClampGonerInferno</source-password>
        <relay-password>BraceFractalHaddock</relay-password>
        <admin-user>admin</admin-user>
        <admin-password>BionicGenteelSpade</admin-password>
    </authentication>
    <hostname>radiofreeneptune.com</hostname>
    <location>Neptune</location>    

    <listen-socket>
        <port>8000</port>
        <bind-address>67.219.147.138</bind-address>
        <ssl>1</ssl>
    </listen-socket>

    <mount>
        <mount-name>/radio.mp3</mount-name>
        <max-listeners>100</max-listeners>
        <dump-file>/tmp/dump-example1.ogg</dump-file>
        <burst-size>65536</burst-size>
        <fallback-mount>/radio.ogg</fallback-mount>
        <fallback-override>1</fallback-override>
        <fallback-when-full>1</fallback-when-full>
        <hidden>1</hidden>
        <no-yp>1</no-yp>
    </mount>

    <mount>
        <mount-name>/auth_example.ogg</mount-name>
        <authentication type="url">
            <option name="mount_add"       value="http://myauthserver.net/notify_mount.php"/>
            <option name="mount_remove"    value="http://myauthserver.net/notify_mount.php"/>
            <option name="listener_add"    value="http://myauthserver.net/notify_listener.php"/>
            <option name="listener_remove" value="http://myauthserver.net/notify_listener.php"/>
        </authentication>
    </mount>
    <fileserve>1</fileserve>

    <paths>
        <basedir>/usr/share/icecast</basedir>
        <logdir>/var/log/icecast</logdir>
        <webroot>/usr/share/icecast/web</webroot>
        <adminroot>/usr/share/icecast/admin</adminroot>
        <pidfile>/var/run/icecast/icecast.pid</pidfile>
      <ssl-certificate>/etc/icecast.d/icecast.pem</ssl-certificate>
        <alias source="/" dest="/status.xsl"/>
    </paths>

    <logging>
        <accesslog>access.log</accesslog>
        <errorlog>error.log</errorlog>
        <loglevel>4</loglevel> <!-- 4 Debug, 3 Info, 2 Warn, 1 Error -->
        <logsize>100000</logsize> <!-- Max size of a logfile -->
    </logging>

    <security>
        <chroot>0</chroot>
        <changeowner>
            <user>icecast</user>
            <group>icecast</group>
        </changeowner>
    </security>
</icecast>

Port 8000 is open, I'm using a Let's Encrypt certificate (works fine for conventional web pages) concatenated into icecast.pem.


If anyone has any suggestions as to what I've done wrong and how to fix it, I'd be seriously grateful.

Thanks.




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xiph.org/pipermail/icecast/attachments/20240107/e1afd201/attachment.htm>


More information about the Icecast mailing list