dtouch3d completely
2015-Jan-14 11:13 UTC
[Icecast] Source can't connect to Icecast with SSL enabled
Hello,
I have liquidsoap streaming to icecast with url authentication and
everything works as it should. However, I enabled SSL in icecast to
enhance security and now the source doesn't connect.
In the error.log I see
[2015-01-14 11:49:11] DBUG slave/_slave_thread checking master stream list
[2015-01-14 11:49:13] DBUG client/client_read_bytes reading from
connection has failed
[2015-01-14 11:49:13] DBUG client/client_destroy Called to
destory client 0x7f69f00fcbd0
and in the liquidsoap log
2015/01/14 11:51:29 [chr_80s:3] Connecting mount stream for
source at localhost...
2015/01/14 11:51:29 [chr_80s:2] Connection failed: could not read
data from host: Connection reset by peer in read()
In icecast.xml
<listen-socket>
<port>18042</port>
<ssl>1</ssl>
</listen-socket>
...
<paths>
<ssl-certificate>/usr/local/share/icecast/icecast.pem</ssl-certificate>
</paths>
This only happens if I enable SSL. Without it everything works fine.
I thought SSL had nothing to do with the source authentication. The
source password is correct. Is this normal ?
Thank you very much in advance.
"Thomas B. Rücker"
2015-Jan-14 11:46 UTC
[Icecast] Source can't connect to Icecast with SSL enabled
On 01/14/2015 11:13 AM, dtouch3d completely wrote:> Hello, > > I have liquidsoap streaming to icecast with url authentication and > everything works as it should. However, I enabled SSL in icecast to > enhance security and now the source doesn't connect.<snip> Have you verified that the source supports SSL? I don't think there are many that do. If not you might need to wrap the source side of things into a "stunnel". Cheers Thomas
dtouch3d completely
2015-Jan-14 11:59 UTC
[Icecast] Source can't connect to Icecast with SSL enabled
No I haven't because I thought SSL would be only enabled for the listener auth, not source auth. So apparently if I want listener SSL the source must support SSL also ? That sounds kind of unnecessary and preferably should be an option. If this is not possible I guess stunnel is the only way to go. Thank you very much. On Wed, Jan 14, 2015 at 1:46 PM, "Thomas B. R?cker" <thomas at ruecker.fi> wrote:> On 01/14/2015 11:13 AM, dtouch3d completely wrote: >> Hello, >> >> I have liquidsoap streaming to icecast with url authentication and >> everything works as it should. However, I enabled SSL in icecast to >> enhance security and now the source doesn't connect. > <snip> > > Have you verified that the source supports SSL? I don't think there are > many that do. > If not you might need to wrap the source side of things into a "stunnel". > > Cheers > > Thomas > _______________________________________________ > Icecast mailing list > Icecast at xiph.org > http://lists.xiph.org/mailman/listinfo/icecast