I made a special pair of keys just for Icecast with this command: $ openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem I combined the two files like this: $ cat cert.pem key.pem > icecast.pem I placed icecast.pem in /etc/icecast2 and used 'chown icecast2:icecast icecast.pem' to change owner to icecast2:icecast. I also changed its protection to 600 with 'chmod 600 icecast.pem' since it does contain a private key. The listen socket has SSL enabled: <ssl>1</ssl> I check <paths> in icecast.xml: <ssl-certificate>/etc/icecast2/icecast.pem</ssl-certificate> I reloaded the configuration: $ /etc/init.d/icecast2 reload Tested with: https://theglobalvoice.info:8443/broadband Same PR_END_OF_FILE error. I'm stumped.
Which version of Icecast are you running and from which repo did you install it? I always used the xiph repo: http://download.opensuse.org/repositories/multimedia:/xiph/ as for example on at least older Debian versions the one on the official repos were NOT compiled with ssl support. Cheers, Paul -----Oorspronkelijk bericht----- Van: Icecast <icecast-bounces at xiph.org> Namens Steve Matzura Verzonden: Monday, 6 February 2023 04:35 Aan: Icecast streaming server user discussions <icecast at xiph.org> Onderwerp: [Icecast] Still Struggling with Secure Connections I made a special pair of keys just for Icecast with this command: $ openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem I combined the two files like this: $ cat cert.pem key.pem > icecast.pem I placed icecast.pem in /etc/icecast2 and used 'chown icecast2:icecast icecast.pem' to change owner to icecast2:icecast. I also changed its protection to 600 with 'chmod 600 icecast.pem' since it does contain a private key. The listen socket has SSL enabled: <ssl>1</ssl> I check <paths> in icecast.xml: <ssl-certificate>/etc/icecast2/icecast.pem</ssl-certificate> I reloaded the configuration: $ /etc/init.d/icecast2 reload Tested with: https://theglobalvoice.info:8443/broadband Same PR_END_OF_FILE error. I'm stumped. _______________________________________________ Icecast mailing list Icecast at xiph.org http://lists.xiph.org/mailman/listinfo/icecast
webmaster at berean-biblechurch.org
2023-Feb-07 00:38 UTC
[Icecast] Still Struggling with Secure Connections
Remove the ":8443" and it works. On 2023-02-05 21:34, Steve Matzura wrote:> I made a special pair of keys just for Icecast with this command: > > $ openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout > key.pem -out cert.pem > > I combined the two files like this: > > $ cat cert.pem key.pem > icecast.pem > > I placed icecast.pem in /etc/icecast2 and used 'chown icecast2:icecast > icecast.pem' to change owner to icecast2:icecast. > > I also changed its protection to 600 with 'chmod 600 icecast.pem' > since it does contain a private key. > > > The listen socket has SSL enabled: > > > <ssl>1</ssl> > > > I check <paths> in icecast.xml: > > <ssl-certificate>/etc/icecast2/icecast.pem</ssl-certificate> > > I reloaded the configuration: > > $ /etc/init.d/icecast2 reload > > Tested with: > > https://theglobalvoice.info:8443/broadband > > > Same PR_END_OF_FILE error. > > > I'm stumped. > _______________________________________________ > Icecast mailing list > Icecast at xiph.org > http://lists.xiph.org/mailman/listinfo/icecast