Hello!
Thank you for help.
CAT not working for me, because I use windows8, not Linux.
Certificate convert in this command:
type certificate.crt ca_bundle.crt private.key > icecast.pem
Copy icecast.pem in root of icecast, this is: D:\Icecast/
Run icecast and error.log display:
[2020-06-23 07:29:36] INFO main/main.c Icecast 2.4.4 server started
[2020-06-23 07:29:36] DBUG yp/yp.c Updating YP configuration
[2020-06-23 07:29:36] INFO yp/yp.c YP update thread started
[2020-06-23 07:29:36] WARN connection/connection.c Invalid cert file
/icecast.pem
[2020-06-23 07:29:36] INFO connection/connection.c No SSL capability on
any configured ports
[2020-06-23 07:29:37] DBUG slave/slave.c checking master stream list
[2020-06-23 07:29:42] DBUG stats/stats.c update global clients (1)
[2020-06-23 07:29:42] DBUG stats/stats.c update global connections (1)
[2020-06-23 07:29:57] DBUG stats/stats.c update global clients (0)
or:
[2020-06-23 07:33:34] INFO main/main.c Icecast 2.4.4 server started
[2020-06-23 07:33:34] DBUG yp/yp.c Updating YP configuration
[2020-06-23 07:33:34] INFO yp/yp.c YP update thread started
[2020-06-23 07:33:34] WARN connection/connection.c Invalid cert file
d:\Icecast/icecast.pem
[2020-06-23 07:33:34] INFO connection/connection.c No SSL capability on
any configured ports
[2020-06-23 07:33:35] DBUG slave/slave.c checking master stream list
[2020-06-23 07:33:52] DBUG stats/stats.c update global clients (1)
[2020-06-23 07:33:52] DBUG stats/stats.c update global connections (1)
[2020-06-23 07:34:07] DBUG stats/stats.c update global clients (0)
or:
[2020-06-23 07:38:24] INFO main/main.c Icecast 2.4.4 server started
[2020-06-23 07:38:24] DBUG yp/yp.c Updating YP configuration
[2020-06-23 07:38:24] INFO yp/yp.c YP update thread started
[2020-06-23 07:38:24] WARN connection/connection.c Invalid cert file
/Icecast/icecast.pem
[2020-06-23 07:38:24] INFO connection/connection.c No SSL capability on
any configured ports
[2020-06-23 07:38:25] DBUG slave/slave.c checking master stream list
Port is:
<listen-socket>
<port>8443</port>
<ssl>1</ssl>
</listen-socket>
And paths:
<paths>
<logdir>./log</logdir>
<webroot>./web</webroot>
<adminroot>./admin</adminroot>
<alias source="/" destination="/status.xsl"/>
<!-- The certificate file needs to contain both public and private
part.
Both should be PEM encoded.-->
<ssl-certificate>/Icecast/icecast.pem</ssl-certificate>
</paths>
I don't know what can I do wrong......
V V pon., 22. jun. 2020 ob 23:25 je oseba Paul Martin <pm at
nowster.me.uk>
napisala:
> On Mon, Jun 22, 2020 at 05:14:48PM +0200, Ervin Bizjak wrote:
> > file ca_bundle.crt:
> > -----BEGIN CERTIFICATE-----
> > MIIG1TCCBL2gAwIBAgIQbFWr29AHksedBwzYEZ7WvzANBgkqhkiG9w0BAQwFADCB
> > iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
> >
> > file: certificate.crt:
> > -----BEGIN CERTIFICATE-----
> > MIIGfjCCBGagAwIBAgIRAPqeon+kOZ6aXWx4AImqAQwwDQYJKoZIhvcNAQEMBQAw
> > SzELMAkGA1UEBhMCQVQxEDAOBgNVBAoTB1plcm9TU0wxKjAoBgNVBAMTIVplcm9T
> >
> > file: private.key:
> > -----BEGIN RSA PRIVATE KEY-----
> > MIIEogIBAAKCAQEAkCUP/iQJgZ2HVgA/o6LRjRfiHgr2/yWxCTwS24vBpxepKEJZ
> > m/smYD3livDhXID3fjI9vJPnPkCgr9u6G63yqt41DK6fZ5ojnbJXD88SykRMP/Cs
>
> Run...
>
> cat certificate.crt ca_bundle.crt private.key >icecast.pem
>
> and change the ownership and permissions of the icecast.pem file so
> that only the icecast server software can read it.
>
> Then, in icecast.xml's "<paths>" block, add:
>
>
<ssl-certificate>/etc/icecast2/icecast.pem</ssl-certificate>
>
> Changing the file path to point to where you've put the icecast.pem
> file.
>
> --
> Paul Martin <pm at nowster.me.uk>
> _______________________________________________
> Icecast mailing list
> Icecast at xiph.org
> http://lists.xiph.org/mailman/listinfo/icecast
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.xiph.org/pipermail/icecast/attachments/20200623/859b8447/attachment.html>
On Tue, Jun 23, 2020 at 07:58:35AM +0200, Ervin Bizjak wrote:> CAT not working for me, because I use windows8, not Linux.In that case you probably need to check the files are proper text files and correctly terminated. Open the icecast.pem file in a text editor. It should look something like this. The "..." represents many lines of base-64 encoded data. All the data lines should be the same length, except for the last line in each section. -----BEGIN CERTIFICATE----- MIIFwjCCBKqgAwIBAgISBIPa+jJe6VGpeSANiZUlOHRoOMSd5ShZqIkvDQC2dkm0 mWW12hv4hfXgohn93Q/NstHq3hu5wRega3caQ9xtrf0LNTABdeuXuOntwBSzIGvx h+JGlOrXRo8x3FwyFNOilTU9aXTwB31T//l7pEQtrJwzhU8oW91sXhRpH/85IMYY ... Q54SFBxXzaxh/Ctqdgv2Ps+3O35Y0EhOQY5egC2EneXza9cxFeM-----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEkjCCA3qgYMEOPwO0GoU9OP6z1NeelJPc4ViX7yM/yVOzY8o43SMR1EPAKWnL JXS+afquhx6n4SjHKy8D142K55w11beTgN0XtERQ6CQVsWrWB7T+AqGpkAoyh3Nl FdylWWkUsHCfYecjfYzA0nNqhpgISaCbmGsuj8HmT6+kr3ha0WdMvy+wy7tb3Exf ... X7SLD9j35mPMO2BGAPONMqhiQ+qluw=-----END CERTIFICATE----- -----BEGIN PRIVATE KEY----- MIIEvQIBADANAW64kp3aGDR1DiYTuRsd/yq9KqBXNky2sidHHIGXiaJ7ETNXvuPt Xf+nTNfaOi1oO6cmzWSdu1pzxEfJkqHGNq4Y3KhPuL9WFQeO7R0zQnnPOTA0xT26 k8OGh2BeT7bMD44/Y2v6QaMZgfLLmAcq8v6XUPqRwMMy58j1n5fusWPcmUJFY1nW ... 408Pk4F/cVOz/l+aPiHWPqg-----END PRIVATE KEY----- The most likely damage would be that the begin/end delimiters are mashed together, or that there are cut-and-paste errors. PS. Just in case anyone's wondering, the data in my example here beyond the first few bytes are random gibberish. It's not part of any valid certificate or key data. -- Paul Martin <pm at nowster.me.uk>
Tgis is my certificate: -----BEGIN CERTIFICATE----- MIIGfjCCBGagAwIBAgIRAPqeon+kOZ6aXWx4AImqAQwwDQYJKoZIhvcNAQEMBQAw SzELMAkGA1UEBhMCQVQxEDAOBgNVBAoTB1plcm9TU0wxKjAoBgNVBAMTIVplcm9T U0wgUlNBIERvbWFpbiBTZWN1cmUgU2l0ZSBDQTAeFw0yMDA1MDcwMDAwMDBaFw0 -----END CERTIFICATE----------BEGIN CERTIFICATE----- MIIG1TCCBL2gAwIBAgIQbFWr29AHksedBwzYEZ7WvzANBgkqhkiG9w0BAQwFADCB iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0p -----END CERTIFICATE----------BEGIN RSA PRIVATE KEY----- MIIEogIBAAKCAQEAkCUP/iQJgZ2HVgA/o6LRjRfiHgr2/yWxCTwS24vBpxepKEJZ m/smYD3livDhXID3fjI9vJPnPkCgr9u6G63yqt41DK6fZ5ojnbJXD88SykRMP/Cs Dk+qAojubW1UqzG2NKeOVZ6xslDt4N5U27rw2VStrUwk1kx5Lt0-----END RSA PRIVATE KEY----- V V tor., 23. jun. 2020 ob 18:33 je oseba Paul Martin <pm at nowster.me.uk> napisala:> On Tue, Jun 23, 2020 at 07:58:35AM +0200, Ervin Bizjak wrote: > > CAT not working for me, because I use windows8, not Linux. > > In that case you probably need to check the files are proper text > files and correctly terminated. > > Open the icecast.pem file in a text editor. It should look something > like this. The "..." represents many lines of base-64 encoded > data. All the data lines should be the same length, except for the > last line in each section. > > -----BEGIN CERTIFICATE----- > MIIFwjCCBKqgAwIBAgISBIPa+jJe6VGpeSANiZUlOHRoOMSd5ShZqIkvDQC2dkm0 > mWW12hv4hfXgohn93Q/NstHq3hu5wRega3caQ9xtrf0LNTABdeuXuOntwBSzIGvx > h+JGlOrXRo8x3FwyFNOilTU9aXTwB31T//l7pEQtrJwzhU8oW91sXhRpH/85IMYY > ... > Q54SFBxXzaxh/Ctqdgv2Ps+3O35Y0EhOQY5egC2EneXza9cxFeM> -----END CERTIFICATE----- > -----BEGIN CERTIFICATE----- > MIIEkjCCA3qgYMEOPwO0GoU9OP6z1NeelJPc4ViX7yM/yVOzY8o43SMR1EPAKWnL > JXS+afquhx6n4SjHKy8D142K55w11beTgN0XtERQ6CQVsWrWB7T+AqGpkAoyh3Nl > FdylWWkUsHCfYecjfYzA0nNqhpgISaCbmGsuj8HmT6+kr3ha0WdMvy+wy7tb3Exf > ... > X7SLD9j35mPMO2BGAPONMqhiQ+qluw=> -----END CERTIFICATE----- > -----BEGIN PRIVATE KEY----- > MIIEvQIBADANAW64kp3aGDR1DiYTuRsd/yq9KqBXNky2sidHHIGXiaJ7ETNXvuPt > Xf+nTNfaOi1oO6cmzWSdu1pzxEfJkqHGNq4Y3KhPuL9WFQeO7R0zQnnPOTA0xT26 > k8OGh2BeT7bMD44/Y2v6QaMZgfLLmAcq8v6XUPqRwMMy58j1n5fusWPcmUJFY1nW > ... > 408Pk4F/cVOz/l+aPiHWPqg> -----END PRIVATE KEY----- > > The most likely damage would be that the begin/end delimiters are > mashed together, or that there are cut-and-paste errors. > > PS. Just in case anyone's wondering, the data in my example here > beyond the first few bytes are random gibberish. It's not part of any > valid certificate or key data. > > -- > Paul Martin <pm at nowster.me.uk> > _______________________________________________ > Icecast mailing list > Icecast at xiph.org > http://lists.xiph.org/mailman/listinfo/icecast >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.xiph.org/pipermail/icecast/attachments/20200623/b517d2fd/attachment.html>