<div dir="ltr"><div>Hello!</div><div>Thank you for help.</div><div><br></div><div>CAT not working for me, because I use windows8, not Linux.</div><div><br></div><div>Certificate convert in this command:<br></div><div>type certificate.crt ca_bundle.crt private.key > icecast.pem</div><div><br></div><div>Copy icecast.pem in root of icecast, this is: D:\Icecast/</div><div><br></div><div>Run icecast and error.log display:</div><div>[2020-06-23  07:29:36] INFO main/main.c Icecast 2.4.4 server started<br>[2020-06-23  07:29:36] DBUG yp/yp.c Updating YP configuration<br>[2020-06-23  07:29:36] INFO yp/yp.c YP update thread started<br>[2020-06-23  07:29:36] WARN connection/connection.c Invalid cert file /icecast.pem<br>[2020-06-23  07:29:36] INFO connection/connection.c No SSL capability on any configured ports<br>[2020-06-23  07:29:37] DBUG slave/slave.c checking master stream list<br>[2020-06-23  07:29:42] DBUG stats/stats.c update global clients (1)<br>[2020-06-23  07:29:42] DBUG stats/stats.c update global connections (1)<br>[2020-06-23  07:29:57] DBUG stats/stats.c update global clients (0)</div><div><br></div><div>or:</div><div>[2020-06-23  07:33:34] INFO main/main.c Icecast 2.4.4 server started<br>[2020-06-23  07:33:34] DBUG yp/yp.c Updating YP configuration<br>[2020-06-23  07:33:34] INFO yp/yp.c YP update thread started<br>[2020-06-23  07:33:34] WARN connection/connection.c Invalid cert file d:\Icecast/icecast.pem<br>[2020-06-23  07:33:34] INFO connection/connection.c No SSL capability on any configured ports<br>[2020-06-23  07:33:35] DBUG slave/slave.c checking master stream list<br>[2020-06-23  07:33:52] DBUG stats/stats.c update global clients (1)<br>[2020-06-23  07:33:52] DBUG stats/stats.c update global connections (1)<br>[2020-06-23  07:34:07] DBUG stats/stats.c update global clients (0)</div><div><br></div><div>or:</div><div>[2020-06-23  07:38:24] INFO main/main.c Icecast 2.4.4 server started<br>[2020-06-23  07:38:24] DBUG yp/yp.c Updating YP configuration<br>[2020-06-23  07:38:24] INFO yp/yp.c YP update thread started<br>[2020-06-23  07:38:24] WARN connection/connection.c Invalid cert file /Icecast/icecast.pem<br>[2020-06-23  07:38:24] INFO connection/connection.c No SSL capability on any configured ports<br>[2020-06-23  07:38:25] DBUG slave/slave.c checking master stream list</div><div><br></div><div>Port is:</div><div>    <listen-socket><br>        <port>8443</port><br>        <ssl>1</ssl><br>    </listen-socket></div><div><br></div><div>And paths:</div><div>    <paths><br>        <logdir>./log</logdir><br>        <webroot>./web</webroot><br>        <adminroot>./admin</adminroot><br>        <alias source="/" destination="/status.xsl"/><br>        <!-- The certificate file needs to contain both public and private part.<br>             Both should be PEM encoded.--><br>        <ssl-certificate>/Icecast/icecast.pem</ssl-certificate><br>    </paths></div><div><br></div><div>I don't know what can I do wrong...... <br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">V V pon., 22. jun. 2020 ob 23:25 je oseba Paul Martin <<a href="mailto:pm@nowster.me.uk">pm@nowster.me.uk</a>> napisala:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On Mon, Jun 22, 2020 at 05:14:48PM +0200, Ervin Bizjak wrote:<br>
> file ca_bundle.crt:<br>
> -----BEGIN CERTIFICATE-----<br>
> MIIG1TCCBL2gAwIBAgIQbFWr29AHksedBwzYEZ7WvzANBgkqhkiG9w0BAQwFADCB<br>
> iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl<br>
> <br>
> file: certificate.crt:<br>
> -----BEGIN CERTIFICATE-----<br>
> MIIGfjCCBGagAwIBAgIRAPqeon+kOZ6aXWx4AImqAQwwDQYJKoZIhvcNAQEMBQAw<br>
> SzELMAkGA1UEBhMCQVQxEDAOBgNVBAoTB1plcm9TU0wxKjAoBgNVBAMTIVplcm9T<br>
> <br>
> file: private.key:<br>
> -----BEGIN RSA PRIVATE KEY-----<br>
> MIIEogIBAAKCAQEAkCUP/iQJgZ2HVgA/o6LRjRfiHgr2/yWxCTwS24vBpxepKEJZ<br>
> m/smYD3livDhXID3fjI9vJPnPkCgr9u6G63yqt41DK6fZ5ojnbJXD88SykRMP/Cs<br>
<br>
Run...<br>
<br>
        cat certificate.crt ca_bundle.crt private.key >icecast.pem<br>
<br>
and change the ownership and permissions of the icecast.pem file so<br>
that only the icecast server software can read it.<br>
<br>
Then, in icecast.xml's "<paths>" block, add:<br>
<br>
        <ssl-certificate>/etc/icecast2/icecast.pem</ssl-certificate><br>
<br>
Changing the file path to point to where you've put the icecast.pem<br>
file.<br>
<br>
-- <br>
Paul Martin <<a href="mailto:pm@nowster.me.uk" target="_blank">pm@nowster.me.uk</a>><br>
_______________________________________________<br>
Icecast mailing list<br>
<a href="mailto:Icecast@xiph.org" target="_blank">Icecast@xiph.org</a><br>
<a href="http://lists.xiph.org/mailman/listinfo/icecast" rel="noreferrer" target="_blank">http://lists.xiph.org/mailman/listinfo/icecast</a><br>
</blockquote></div>