![]() |
#1 |
Member
|
Stunnel and Shoutcast (https/SSL streaming) setup
I just discovered Stunnel and using it with Shoutcast for https (SSL) streaming without having to have a Shoutcast for Business (Premium) account. Basically, Stunnel takes the Shoutcast server and makes it https (SSL) without having to make any changes to the Shoutcast DNAS config itself. It turned out to be a lot easier than I thought it would be. The biggest hurdle I faced was finding up to date directions. This was done on a dedicated server with: CentOS 6. Also, Shoutcast DNAS and Stunnel were already installed and the port I used for https (SSL) streaming was already open and NOT used by another service.
1. Login to the server as root using SSH. 2. Follow the instructions to create a Let's Encrypt SSH key for Stunnel to use (even if you don't have a Shoutcast for Business account). When I did this, I had several dependencies that needed to be installed before I could actually run the certbot-auto command: https://help.shoutcast.com/hc/en-us/...rver-Software- 3. Go to the Stunnel directory (cd /etc/stunnel/) 4. Create stunnel.conf file (nano stunnel.conf). Add the following lines and save (CTRL - X): accept=port that https (SSL) stream should go out on connect=current domain and port of where your current Shoutcast server is (mine is on the same server which is why I use localhost cert and key=replace your domain name used in step #2 code: 5. Start Stunnel (/usr/bin/stunnel) 6. Go to https://yourdomain.com:<port used for Stunnel> and you should see your Shoutcast v2 page if everything worked correctly. (PS: I hope that the Shoutcast admins will not remove this post post, especially for us with very limited budgets trying to reach the largest audience possible.) the detour network - detour MUSIC, detour TALK Purple Zebra Consulting-http://purplezebra.us Supporting independent internet radio stations since 2001! |
![]() |
![]() |
![]() |
#2 |
Senior Member
Join Date: Dec 2019
Location: Germany
Posts: 411
|
There are many ways to get https without changing the DNAS.
Thank you very much for your tutorial. It certainly helps people. ![]() I myself don't use SHOUTcast anymore, but I use a "proxy". |
![]() |
![]() |
![]() |
#3 | |
Junior Member
Join Date: Jul 2009
Posts: 4
|
Quote:
can you post the sc_serv.conf please? i do all the steps and shoutcast say can't bind on 443 port... please help! |
|
![]() |
![]() |
![]() |
#4 |
Junior Member
Join Date: Oct 2012
Posts: 7
|
If you can't bind to a port, it indicates that port is already in use. You're probably already using port 443 with a webserver or other service. You don't need to change anything in shoutcast's configs, keep all those the same. The HTTPS work here is being done by stunnel. All the info you need is in the original post..
> accept=port that https (SSL) stream should go out on; I suggest you try port 8443 here instead, i.e. accept=8443 > connect=current domain and port of where your current Shoutcast server If you're running default configs and streaming on port 8000, as above put localhost:8000 (or whatever domain is serving your stream; yourradiostation.com:8000), otherwise change the port number to whatever you're using. Start stunnel. Open up http://yourradiostation.com:8000 (or wherever your admin pages are located). Open up https://yourradiostation.com:8443 and you should see your admin pages proxied through SSL/TLS. Now just change your stream urls from http:// to https:// and the port from 8000 to 8443. Job done ![]() |
![]() |
![]() |
![]() |
|
Thread Tools | Search this Thread |
Display Modes | |
|
|