Securing Icecast Stream with SSL

Read 2003 times
Greetings:
I am in the process of switching my stations from ShoutcastV2 to Icecast2 so that I may use SSL.  I was able to install a cert from Let's Encrypt for the Centova site, and I can access the control panel with https://.  I added a listener to the server.conf as follows:
<listen-socket>
    <port>8006</port>
    <ssl>1</ssl>
  </listen-socket>
and added the path to the SSL for Centova like this:
<ssl-certificate>/usr/local/centovacast/etc/ssl/certificate.pem</ssl-certificate>
I left these lines as they were:
 <!-- You can use these two if you only want a single listener -->
     <port>8006</port>
  <bind-address>IP_address</bind-address>
I restarted the server and attempted to access the stream at https://example.com:PORT/stream.  I get a server disconnect error message.  I can access the stream at http:// -- The .pem file appears to have the cert, followed by the key.  Any ideas?  Thanks!
Last Edit: July 08, 2020, 10:18:48 am by dgarlock
I had the same problem.

1. the certificate file in the icecast configuration needs to contain both the certificate and the key,
or if you use letsencrypt you need to create a file containing the fullchain and the private key

2. on Debian 10 it only works with the package from Xiph org itself. neither the std-debain package nor the compiled one has ssl-support