@ the guy with the ssl certs problem: recheck file- and folder-permissions. check if the ssl.-cert is generated correct. re-check the icecast config-file and it's file- and folder-permissions. are the involved files in the correct location so icecast can find them? what about the pid-entry? greets gee
On 9 Jul 2016, at 13:19, buddylove wrote:> @ the guy with the ssl certs problem:Please reply properly to the E-Mails, just replaying to the list without the correct In-reply-to will break threads and makes using the mailinglist very annoying, as if I had chosen to ignore the thread you replied to, I would still see your E-Mail.> > recheck file- and folder-permissions. > check if the ssl.-cert is generated correct. > re-check the icecast config-file and it's file- and folder-permissions. > are the involved files in the correct location so icecast can find them? > what about the pid-entry? > > greets > gee > _______________________________________________ > Icecast mailing list > Icecast at xiph.org > http://lists.xiph.org/mailman/listinfo/icecast
1. I already have the cert and key files. How do I combine these existing keys into a single PEM file?2. What directory do you suggest I place they PEM file?> To: icecast at xiph.org > From: bluntroller at yandex.com > Date: Sat, 9 Jul 2016 13:19:03 +0200 > Subject: [Icecast] ssl-cert's > > @ the guy with the ssl certs problem: > > recheck file- and folder-permissions. > check if the ssl.-cert is generated correct. > re-check the icecast config-file and it's file- and folder-permissions. > are the involved files in the correct location so icecast can find them? > what about the pid-entry? > > greets > gee > _______________________________________________ > Icecast mailing list > Icecast at xiph.org > http://lists.xiph.org/mailman/listinfo/icecast-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.xiph.org/pipermail/icecast/attachments/20160710/3be7ac6e/attachment.html>
I am not familiar with the usage of SSL-Certs (in Icecast). I'd recommend to put them somewhere into a folder the webserver has access to. Don't forget to change ownership and mode etc. check this out about you problem with the files -> http://stackoverflow.com/questions/991758/how-to-get-an-openssl-pem-file-from-key-and-crt-files
# cat fullchain.pem privkey.pem >combined.pem I wouldn't think it matters much where you put the cert as long as the running Icecast user has permissions to read it. I'd create (if not already created) /etc/icecast personally. <ssl-certificate>: If specified, this points to the location of a file that contains both the X.509 private and public key. This is required for HTTPS support to be enabled. Please note that the user Icecast is running as must be able to read the file. Failing to ensure this will cause a "Invalid cert file" WARN message, just as if the file wasn't there. Cheers, Jordan On 07/10/2016 02:11 PM, Walter York wrote:> 1. I already have the cert and key files. How do I combine these > existing keys into a single PEM file? > 2. What directory do you suggest I place they PEM file? > >> To: icecast at xiph.org >> From: bluntroller at yandex.com >> Date: Sat, 9 Jul 2016 13:19:03 +0200 >> Subject: [Icecast] ssl-cert's >> >> @ the guy with the ssl certs problem: >> >> recheck file- and folder-permissions. >> check if the ssl.-cert is generated correct. >> re-check the icecast config-file and it's file- and folder-permissions. >> are the involved files in the correct location so icecast can find them? >> what about the pid-entry? >> >> greets >> gee >> _______________________________________________ >> Icecast mailing list >> Icecast at xiph.org >> http://lists.xiph.org/mailman/listinfo/icecast > > > _______________________________________________ > Icecast mailing list > Icecast at xiph.org > http://lists.xiph.org/mailman/listinfo/icecast >-- Jordan Erickson (PGP: 0x78DD41CB) Logical Networking Solutions, 707-636-5678