Wowza |

Wowza Streaming Engine Manager over https

May 7, 2018 Leave a comment

I am using let’s encrypt certificates for this how’to. First of all we install certbot and generate certificate for our domain.

# git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt

# cd /opt/letsencrypt/
# ./letsencrypt-auto certonly --standalone -d origin01.streaming.sk
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
tls-sni-01 challenge for origin01.streaming.sk
Waiting for verification...
Cleaning up challenges

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/origin01.streaming.sk/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/origin01.streaming.sk/privkey.pem
   Your cert will expire on 2018-01-22. To obtain a new or tweaked
   version of this certificate in the future, simply run
   letsencrypt-auto again. To non-interactively renew *all* of your
   certificates, run "letsencrypt-auto renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

Now we need to convert generated certificate to .jks form. We use wowza-letsencrypt-converter for converting.Tool is looking for certifcate/key in default live folder.

# /usr/local/WowzaStreamingEngine/java/bin/java -jar /root/ssl/wowza-letsencrypt-converter-0.1.jar -v /usr/local/WowzaStreamingEngine/content/ /etc/letsencrypt/live/ Converting certificates: /etc/letsencrypt/live/ => /usr/local/WowzaStreamingEngine/content/
Reading origin01.dubnik.sk
-> origin01.dubnik.sk
Writing origin01.dubnik.sk.jks
Writing jksmap.txt

Last step is edit WowzaStreamingEngineManager startup script.We just simply add folowing parmaeters to /usr/local/WowzaStreamingEngine/manager/bin/startmgr.sh file. We put the this parameters after –httpPort=8088.

--httpsPort=8090 --httpsKeyStore="/usr/local/WowzaStreamingEngine/content/origin01.streaming.sk.jks" --httpsKeyStorePassword="secret"

Now we can restart WowzaStreamingEngineManager and check https for WSE.

# systemctl restart WowzaStreamingEngineManager
# netstat -tapn | grep -i 8090
tcp        0      0 0.0.0.0:8090            0.0.0.0:*               LISTEN      15758/java

Filed under Wowza Tagged with wowza manager https lets encrypt

M	T	W	T	F	S	S
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31

Wowza Streaming Engine Manager over https

Categories

Archives

Wowza Streaming Engine Manager over https

Share this:

Categories

Archives