Icecast installation with SSL support for https

Read 14398 times
To put the panel centova with SSL have the steps here
http://www.centova.com/doc/cast/installation_manual/08_Configuring_SSL

Icecast installation with SSL support for https

We beg the lords of cent. Add the option of:
Use normal ports in a group http: // IP: 8xxx how to also customize https: // IP: 9xxx ...  ports in other group

OR

Of the contrary to default by using scaled services: http: // IP: 8xxx and https: // 8xx1 ....

On the other hand the internal files still continue downloading without https: // from the icon "M3U", we ask to improve the panels with both options

I say this because for now we are still using services with manual modifications by putty

My additional settings manually, it is also worth remembering that the PEM file must be put together with a valid certificate.
That what was downloaded: xyz.CRT has become xyz.PEM

Remember that we have installed on a functional server cent. Which requires only adding a few lines.

NOTE: Only to be modified the following
1.- delete "Line25": <port>8005</port>
2.- The content was added on "line 26":
  <listen-socket>
    <port>8005</port>
  </listen-socket>
  <listen-socket>
    <port>9005</port>
    <ssl>1</ssl>
  </listen-socket>
3.- The content was added on "line 47":
<ssl-certificate>/ssl/csrs/icecast.pem</ssl-certificate>
FINALLY

Then the entire service is handled from the percent panel

========================

My current configuratión ICECAST
<icecast>
  <limits>
    <clients>500</clients>
    <sources>3</sources>
    <threadpool>5</threadpool>
    <queue-size>524288</queue-size>
    <client-timeout>30</client-timeout>
    <header-timeout>15</header-timeout>
    <source-timeout>10</source-timeout>
          <burst-on-connect>1</burst-on-connect>
          <burst-size>65535</burst-size>
  </limits>
  <authentication>
          <source-password>password</source-password>
          <relay-password>password</relay-password>
          <admin-user>admin</admin-user>
    <admin-password>password</admin-password>
  </authentication>

  <directory>
    <yp-url-timeout>15</yp-url-timeout>
    <yp-url>http://dir.xiph.org/cgi-bin/yp-cgi</yp-url>
  </directory>
     <hostname>gnstreammedia.com</hostname>
  <bind-address>173.244.209.219</bind-address>
  <listen-socket>
    <port>8005</port>
  </listen-socket>
  <listen-socket>
    <port>9005</port>
    <ssl>1</ssl>
  </listen-socket>
     <mount>
    <mount-name>/stream</mount-name>
    <fallback-mount>/live</fallback-mount>
    <fallback-override>1</fallback-override>
    <fallback-when-full>0</fallback-when-full>
    <public>0</public>
  </mount>
  <fileserve>1</fileserve>
     <paths>
          <basedir>/usr/local/centovacast/var/vhosts/demossl/</basedir>
          <logdir>var/log/</logdir>
    <webroot>web/</webroot>
    <adminroot>admin/</adminroot>
    <pidfile>var/run/server.pid</pidfile>
   <ssl-certificate>/ssl/csrs/icecast.pem</ssl-certificate>
          <alias source="/" dest="/status.xsl" />
  </paths>
  <logging>
    <accesslog>access.log</accesslog>
    <errorlog>error.log</errorlog>
    <playlistlog>playlist.log</playlistlog>
    <loglevel>1</loglevel>
     </logging>
  <security>
    <chroot>0</chroot>
     </security>
</icecast>



my File icecast.PEM mode:
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAqVDqtihgqbB3uYmIg2w9hNtKKvjrjd/wh+OslIK89znju+5g

ts3uKDZonSTbEstO8rUALsKFNOcPSXWJFomqOxiPJbPWMoIBJ4E4Zw==
-----END RSA PRIVATE KEY-----

-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgIIatpZwCjPvZswDQYJKoZIhvcNAQELBQAwgcYxCzAJBgNV

Kg7Oj26GLoCww6gySmtBugSYV7jblhreKewW+1vaSRs/rjBP/s0y9KrIkjg=
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMx

7nIMpBKGgc0T0U7EPMpODdIm8QC3tKai4W56gf0wrHofx1l7
-----END CERTIFICATE-----

Example of functional streaming: https://gnstreammedia.com:9005/ and Panel https://gnstreammedia.com:2199/start/demossl/

Here you have all the additional information
http://www.centova.com/doc/cast/installation_manual/08_Configuring_SSL
https://icecast.org/docs/icecast-2.4.1/config-file.html
https://net-andino.blogspot.com/2017/01/rpi-compiling-icecast-with-support-for.html
https://icecast.org/docs/icecast-trunk/config_file/
Last Edit: January 20, 2017, 09:04:02 am by netandino
Net Andino| Creando Soluciones en Computación e Informática y Electrónica.
Sorry, but I did not understand what you meant by this:

Quote
Add the option of:
Use normal ports in a group http: // IP: 8xxx how to also customize https: // IP: 9xxx ...  ports in other group

OR

Of the contrary to default by using scaled services: http: // IP: 8xxx and https: // 8xx1 ....
I mentioned the following.
1.- The developers of centovacast should put the option of personalizing our SSL ports in another group of ports.

If I customize the creation of normal ports in 7000 and with SSL support in 9000 should be the radios as well.
Normal 7000 => SSL 9000; Normal 7001 => SSL 9001


2.- If the developers leave all the service by default normal ports + SSL must use for example of mode:

Normal 7000 => SSL 7001; Normal 7002 => SSL 7003
This taking into account that my panel was customized to create the ports since 7000


3.- The other option will be to use the next available port. If many already have panels working let's say how in my case:
If I delete a normal radio from port 8005; I recreate a radio on my panel, create an 8005 and an additional port with SSL support for an unused port assuming a 8120 is free.

This is because we assume that my radios already exist in ports from 8000 to 8119
Net Andino| Creando Soluciones en Computación e Informática y Electrónica.
Hello netandino,

You may want to post this on the feature requests forum instead.
Hello netandino,

You may want to post this on the feature requests forum instead.

Post it on feature requests and wait 2-3 years or more like we still waiting for tune-in api integration.
Hola

Segui los pasos tal cual los estas colocando en este post y tambien me guia a tu video en youtube pero no logro hacer que cargue la pagina con el socket, existe algo que deba saber y que a lo mejor este fallando.


Agradezco tu ayuda y atencion.