<div dir="ltr"><div dir="ltr">
<div>If you are using LE then this, IMHO, is a good way to make the icecast.pem file:</div><div><br></div><div style="margin-left:40px"><span style="font-family:monospace">cat privkey.pem fullchain.pem > icecast.pem</span></div><div><br></div><div>The above creates a useful SSL cert format which, for example, a range of devices are able to interpret.</div><div><br></div><div>Then you can check your SSL stream here:</div><div><ul><li><a href="https://check-your-website.server-daten.de/?q=" target="_blank">https://check-your-website.server-daten.de/?q=</a></li></ul></div><div>Thanks</div><div><br></div><div>Chip Scooter</div>
</div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, 11 Mar 2020 at 09:47, unosonic <<a href="mailto:un@aporee.org">un@aporee.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><br>
AFIK, pem is simply<br>
<br>
1. private key<br>
2. (most specific) certificate<br>
3. intermediate certificates, if any<br>
<br>
in this order. <br>
at least such a pem work for my icecast 2.4 w/o problems<br>
<br>
--u<br>
<br>
<br>
<br>
<br>
<br>
Gavin Stephens:<br>
> <br>
> > > The error message I was getting in the Icecast log was about no<br>
> > > compatible ssl port. I assumed this was something more complex than a<br>
> > > bad certificate since an error message to that effect would have been<br>
> > > easier to figure out.<br>
> > > <br>
> > > I took the certificate and private key .pem files, added them together<br>
> > > but it didn't work until the conversion to pfx and back.<br>
> > Interesting. Can you show us the difference in .pem files before and<br>
> > after conversion (without revealing your private key, of course)?<br>
> > <br>
> > Regards,<br>
> > <br>
> > - Jeroen<br>
> > <br>
> The only difference I can see, is that it has added the bag attributes,<br>
> issuer, country etc... before the base64 begins in plain text. I'm wondering<br>
> if it was in the way the ACME client made the .pem files. I used win-acme.<br>
> <br>
> Gavin.<br>
> <br>
> _______________________________________________<br>
> Icecast mailing list<br>
> <a href="mailto:Icecast@xiph.org" target="_blank">Icecast@xiph.org</a><br>
> <a href="http://lists.xiph.org/mailman/listinfo/icecast" rel="noreferrer" target="_blank">http://lists.xiph.org/mailman/listinfo/icecast</a><br>
_______________________________________________<br>
Icecast mailing list<br>
<a href="mailto:Icecast@xiph.org" target="_blank">Icecast@xiph.org</a><br>
<a href="http://lists.xiph.org/mailman/listinfo/icecast" rel="noreferrer" target="_blank">http://lists.xiph.org/mailman/listinfo/icecast</a><br>
</blockquote></div></div>