CentovaCast Enable SSL for shoutcast
To enable SSL for stream, you can use nginx reverse proxy.
In this case, i have a stream available on
http://my-domain.com:8000/index.html?sid=1
I want to make it available using SSL at
https://my-domain.com:9000/index.html?sid=1
The port will need to be differnt as you can’t run both HTTP and HTTPS on same port. So i used Port 8000 here. All traffic to this port using HTTPS will be forwarded to HTTP port. To do this install nginx
|
1 |
yum install nginx |
Add a virtual host configuration at
|
1 |
vi /etc/nginx/conf.d/port8000.conf |
with following content
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
server { listen 8000 ssl; server_name your-domain.com; root /usr/share/nginx/html; ssl_certificate /etc/letsencrypt/live/your-domain.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/your-domain.com/privkey.pem; # include /etc/letsencrypt/options-ssl-nginx.conf; # ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; proxy_read_timeout 600s; location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $host; proxy_pass http://YOUR_IP_HERE:8000; } } |
Now restart nginx
|
1 |
systemctl restart nginx |
Auto restart Nginx
Since we used free LetsEncrypt SSL for the domain, you will need to auto restart Nginx. This can be done by adding a cronjon
|
1 |
@weekly systemctl restart nginx |
You may also need to add cronjob for renewing SSL, this you can find at https://serverok.in/letsencrypt. In case of CentovaCast, SSL is managed by CentovaCast, so you need to worry about auto renewing SSL certificate.