Icecast - Apr 2015 - After I enabled SSL, stream mountpoints broke

I'm running Icecast package 2.4.1 on Ubuntu 14.04 from ttp://
download.opensuse.org/repositories/home:/dm8tbr/xUbuntu_14.04.

I've been running on this server for about 6 months now without any issue
and all my streams run great.  This icecast server is running on the same
host that my wordpress site is running on.  This is all on my own private
server, not a hosting service.

Recently I decided to switch everything to SSL and all went well with the
exception of the icecast server.  The SSL portion of the icecast server is
actually working just fine and the SSL certificate is loading on the admin
page on all modern browsers without any issue or error.  I can see the full
admin page and navigate it without issue.  The problem is as soon as I add
this line to the <paths> section, as required to load the PEM certificate,
my mountpoint streams stopped loading:

<ssl-certificate>/usr/share/icecast2/ssl/mysslcertname.pem</ssl-certificate>

Then my icecast error log fills with this whenever anyone attempts to hit
any of the stream mountpoints that failed to load:

[2015-04-02  18:17:59] INFO fserve/fserve_client_create checking for file
/stream1 (/usr/share/icecast2/web/stream1)
[2015-04-02  18:17:59] WARN fserve/fserve_client_create req for file
"/usr/share/icecast2/web/stream1" No such file or directory
[2015-04-03  01:52:43] INFO fserve/fserve_client_create checking for file
/stream2 (/usr/share/icecast2/web/stream2)
[2015-04-03  01:52:43] WARN fserve/fserve_client_create req for file
"/usr/share/icecast2/web/stream2" No such file or directory

There is nothing in the error logs after I've added this line to the
<paths> and restarted icecast so I'm not sure what is breaking but
I'm
guessing from the errors whenever someone tries to hit the mountpoint that
the file that was supposed to be created never is.  Not sure why adding to
the path would cause this issue, but as soon as I remove it all returns to
a working order with stream mountpoints loading and working
perfectly...though now SSL is broken again :(

Hopefully someone can provide some guidance here!  Thanks!

Nathan
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://lists.xiph.org/pipermail/icecast/attachments/20150403/f6f225ca/attachment.htm

Good evening,

On Fri, 2015-04-03 at 14:02 -0700, Nathan Miller wrote:
> I'm running Icecast package 2.4.1 on Ubuntu 14.04
> from ttp://download.opensuse.org/repositories/home:/dm8tbr/xUbuntu_14.04.
> 
> 
> I've been running on this server for about 6 months now without any
> issue and all my streams run great.  This icecast server is running on
> the same host that my wordpress site is running on.  This is all on my
> own private server, not a hosting service.
> 
> 
> Recently I decided to switch everything to SSL and all went well with
> the exception of the icecast server.  The SSL portion of the icecast
> server is actually working just fine and the SSL certificate is
> loading on the admin page on all modern browsers without any issue or
> error.  I can see the full admin page and navigate it without issue.
> The problem is as soon as I add this line to the <paths> section, as
> required to load the PEM certificate, my mountpoint streams stopped
> loading:
> 
> 
>
<ssl-certificate>/usr/share/icecast2/ssl/mysslcertname.pem</ssl-certificate>
> 
> 
> 
> Then my icecast error log fills with this whenever anyone attempts to
> hit any of the stream mountpoints that failed to load:
> 
> 
> [2015-04-02  18:17:59] INFO fserve/fserve_client_create checking for
> file /stream1 (/usr/share/icecast2/web/stream1)
> [2015-04-02  18:17:59] WARN fserve/fserve_client_create req for file
> "/usr/share/icecast2/web/stream1" No such file or directory
> [2015-04-03  01:52:43] INFO fserve/fserve_client_create checking for
> file /stream2 (/usr/share/icecast2/web/stream2)
> [2015-04-03  01:52:43] WARN fserve/fserve_client_create req for file
> "/usr/share/icecast2/web/stream2" No such file or directory
Those messages tell that there is no mount nor a file in web/. I suspect
that the stream is not mounted (= the source is not connected).

> There is nothing in the error logs after I've added this line to the
> <paths> and restarted icecast so I'm not sure what is breaking
but I'm
> guessing from the errors whenever someone tries to hit the mountpoint
> that the file that was supposed to be created never is.  Not sure why
> adding to the path would cause this issue, but as soon as I remove it
> all returns to a working order with stream mountpoints loading and
> working perfectly...though now SSL is broken again :(
Which source client do you use? If you switch the port to TLS that is
used by the source client to connect you also need to set the source
client to TLS mode.

> Hopefully someone can provide some guidance here!  Thanks!
Please come back with the answers. I'm sure this isn't impossible.

Have a good night!

-- 
Philipp.
 (Rah of PH2)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part
Url :
http://lists.xiph.org/pipermail/icecast/attachments/20150403/874220bc/attachment.pgp

Philipp,

Thank you for your quick response.  I can't believe that I didn't think
of
that...I guess I just assumed that it would use SSL.  I'm using Liquidsoap
as my source client.  Once you brought that up I started researching
whether there was a way to force Liquidsoap to use SSL and from what I
found it doesn't look like there is an option...but please correct me if
you or anyone else who reads this knows differently.

After I had a good idea of what was happening I found this other thread
http://lists.xiph.org/pipermail/icecast/2015-January/013118.html that talks
about exactly what I'm trying to do using Liquidsoap.  I followed it and
I'm good now running on two ports...one SSL and one not from connecting to
Liquidsoap.

Thanks again for your hint :) and please let me know if you've seen other
ways to tackle this with Liquidsoap than what I setup.

Nathan

On Fri, Apr 3, 2015 at 3:41 PM, Philipp Schafft <lion at lion.leolix.org>
wrote:
> Good evening,
>
> On Fri, 2015-04-03 at 14:02 -0700, Nathan Miller wrote:
> > I'm running Icecast package 2.4.1 on Ubuntu 14.04
> > from
ttp://download.opensuse.org/repositories/home:/dm8tbr/xUbuntu_14.04
> .
> >
> >
> > I've been running on this server for about 6 months now without
any
> > issue and all my streams run great.  This icecast server is running on
> > the same host that my wordpress site is running on.  This is all on my
> > own private server, not a hosting service.
> >
> >
> > Recently I decided to switch everything to SSL and all went well with
> > the exception of the icecast server.  The SSL portion of the icecast
> > server is actually working just fine and the SSL certificate is
> > loading on the admin page on all modern browsers without any issue or
> > error.  I can see the full admin page and navigate it without issue.
> > The problem is as soon as I add this line to the <paths>
section, as
> > required to load the PEM certificate, my mountpoint streams stopped
> > loading:
> >
> >
> >
>
<ssl-certificate>/usr/share/icecast2/ssl/mysslcertname.pem</ssl-certificate>
> >
> >
> >
> > Then my icecast error log fills with this whenever anyone attempts to
> > hit any of the stream mountpoints that failed to load:
> >
> >
> > [2015-04-02  18:17:59] INFO fserve/fserve_client_create checking for
> > file /stream1 (/usr/share/icecast2/web/stream1)
> > [2015-04-02  18:17:59] WARN fserve/fserve_client_create req for file
> > "/usr/share/icecast2/web/stream1" No such file or directory
> > [2015-04-03  01:52:43] INFO fserve/fserve_client_create checking for
> > file /stream2 (/usr/share/icecast2/web/stream2)
> > [2015-04-03  01:52:43] WARN fserve/fserve_client_create req for file
> > "/usr/share/icecast2/web/stream2" No such file or directory
>
> Those messages tell that there is no mount nor a file in web/. I suspect
> that the stream is not mounted (= the source is not connected).
>
>
> > There is nothing in the error logs after I've added this line to
the
> > <paths> and restarted icecast so I'm not sure what is
breaking but I'm
> > guessing from the errors whenever someone tries to hit the mountpoint
> > that the file that was supposed to be created never is.  Not sure why
> > adding to the path would cause this issue, but as soon as I remove it
> > all returns to a working order with stream mountpoints loading and
> > working perfectly...though now SSL is broken again :(
>
> Which source client do you use? If you switch the port to TLS that is
> used by the source client to connect you also need to set the source
> client to TLS mode.
>
>
> > Hopefully someone can provide some guidance here!  Thanks!
>
> Please come back with the answers. I'm sure this isn't impossible.
>
> Have a good night!
>
> --
> Philipp.
>  (Rah of PH2)
>
> _______________________________________________
> Icecast mailing list
> Icecast at xiph.org
> http://lists.xiph.org/mailman/listinfo/icecast
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://lists.xiph.org/pipermail/icecast/attachments/20150403/c65f2726/attachment.htm