Hello, New stunnel user here - or trying to ne! I manage a streaming service using both SHOUT and Icecast servers, on a Widows 10 platform. Have been hit by the update to the G/Chrome browser, and while the Website is secure, the streams are not. There is limited support for S.S.L. for Icecast, but none for SHOUTcast. Was recommended to use S.S.L., but apparently the OpenSSL library isn't downloaded for Widows, only Linux, so have tried using Debian 11, which have installed within VirtualBox. However, have had no luck making the connection. Happened to read in another tutorial that if stunnel isn't installed on the same Computer, as the Playout system and encoder - use B.U.T.T., and Sound Empire Caster - one has to have stunnel installed on both Computers? Is the above true? EIther way,, would appreciate some advice on how to resolve this issue, and am new to stunnel, and only a basic knowledge of Debian. Thanks for your help with this issue. Cheers.
Having re-read the message above, please permit an update of the situation, and hopefully this might make more sense?! The situation is I ran an online streaming service (radio station, if you like?!) This sits on a Widows 7 platform. Since the G/Chrome update, have been trying to convert the audios stream to HTTPS, and have been recommended to try stunnel, for which have installed Debian 11 and Widows 10 in VirtualBox. Have read a few tutorials, and would seem that as I am unable to install stunnel on Widows 7, have run the server based applications, in this case SHOUT and Icecast on W10 in VirtualBox. However, stunnel is unable to connect to the source, in this case Icecast, on either Ports 8443 or 8000. Believe I have to have both Client and Server configured within the configuration file, and hopefully have this correct?: [client] client = yes cert = C:\Program Files (x86)\stunnel\fullchain.pem accept = 192.168.1.4:8443 connect = 8443 [Icecast] client = no cert = C:\Program Files (x86)\stunnel\fullchain.pem accept = 127.0.0.1:8000 connect = 8000 Have set the encoder to stream on Port 8443, which I believe stunnel is set to listen to, and should then convert to encrypted data, then output to Static I.P.: Port 8000 All the machines (three) if you include VirtualBox sit behind the same Router. Would really appreciate help with this. Thank you.
I'm relatively new to stunnel, but I believe your connect should contain both IP and port. Like this. accept = 127.0.0.1:83 connect = 158.224.83.39:443 -----Original Message----- From: nathan.king@unpredictableporridge.co.uk [mailto:nathan.king@unpredictableporridge.co.uk] Sent: Saturday, March 11, 2023 9:52 AM To: stunnel-users@stunnel.org Subject: [stunnel-users] Re: Stunnel Installation. Having re-read the message above, please permit an update of the situation, and hopefully this might make more sense?! The situation is I ran an online streaming service (radio station, if you like?!) This sits on a Widows 7 platform. Since the G/Chrome update, have been trying to convert the audios stream to HTTPS, and have been recommended to try stunnel, for which have installed Debian 11 and Widows 10 in VirtualBox. Have read a few tutorials, and would seem that as I am unable to install stunnel on Widows 7, have run the server based applications, in this case SHOUT and Icecast on W10 in VirtualBox. However, stunnel is unable to connect to the source, in this case Icecast, on either Ports 8443 or 8000. Believe I have to have both Client and Server configured within the configuration file, and hopefully have this correct?: [client] client = yes cert = C:\Program Files (x86)\stunnel\fullchain.pem accept = 192.168.1.4:8443 connect = 8443 [Icecast] client = no cert = C:\Program Files (x86)\stunnel\fullchain.pem accept = 127.0.0.1:8000 connect = 8000 Have set the encoder to stream on Port 8443, which I believe stunnel is set to listen to, and should then convert to encrypted data, then output to Static I.P.: Port 8000 All the machines (three) if you include VirtualBox sit behind the same Router. Would really appreciate help with this. Thank you. _______________________________________________ stunnel-users mailing list -- stunnel-users@stunnel.org To unsubscribe send an email to stunnel-users-leave@stunnel.org
ringbretson@keplp.com wrote:
I'm relatively new to stunnel, but I believe your connect should contain both IP and port. Like this. accept = 127.0.0.1:83 connect = 158.224.83.39:443
Thanks for that suggestion, ringbretson, appreciated. However, have tried to make that change, and because Icecast runs on Port 8443 securely, and have stunnel set to the same Port, receive a blocked Port error message, whether I start Icecast or stunnel first. Thanks for trying to help.
Is the Icecast software running as a server-application and listening for connections from clients on port 8000? I have no experience with audio streams and how they work, that is why I'm asking the stupid question of how the Icecast software works and how it connects. [Icecast-server] client=no cert=fullchain.pem accept=8443 ;listening for secure connections connect=127.0.0.1:8000 ;makes unsecure connection to the Icecast software listening on port 8000 on localhost Den lör 11 mars 2023 18:30 <nathan.king@unpredictableporridge.co.uk> skrev:
ringbretson@keplp.com wrote:
I'm relatively new to stunnel, but I believe your connect should contain both IP and port. Like this. accept = 127.0.0.1:83 connect = 158.224.83.39:443
Thanks for that suggestion, ringbretson, appreciated.
However, have tried to make that change, and because Icecast runs on Port 8443 securely, and have stunnel set to the same Port, receive a blocked Port error message, whether I start Icecast or stunnel first.
Thanks for trying to help. _______________________________________________ stunnel-users mailing list -- stunnel-users@stunnel.org To unsubscribe send an email to stunnel-users-leave@stunnel.org
Tobias Gillström wrote:
Is the Icecast software running as a server-application and listening for connections from clients on port 8000?
I have no experience with audio streams and how they work, that is why I'm asking the stupid question of how the Icecast software works and how it connects.
[Icecast-server] client=no cert=fullchain.pem accept=8443 ;listening for secure connections connect=127.0.0.1:8000 ;makes unsecure connection to the Icecast software listening on port 8000 on localhost
Den lör 11 mars 2023 18:30 <nathan.king(a)unpredictableporridge.co.uk> skrev:
ringbretson@keplp.com wrote: I'm relatively new to stunnel, but I believe your connect should contain both IP and port. Like this. accept = 127.0.0.1:83 connect = 158.224.83.39:443 Thanks for that suggestion, ringbretson, appreciated.
However, have tried to make that change, and because Icecast runs on Port 8443 securely, and have stunnel set to the same Port, receive a blocked Port error message, whether I start Icecast or stunnel first.
Thanks for trying to help.
Essentially, yes, Tobias! Have Icecast server on W10, setup for connections on Ports 8443 and 8000, the encoder software streams the audio to the Internet via these Ports, and have stunnel setup to listen to Port 8443, from Icecast Server/econder, encrypt, and send out on Port 8000. At least, hope that is the case?! Cheers.
So the Icecast software is listening on two different ports? What are the two ports used for? Den lör 11 mars 2023 19:11 <nathan.king@unpredictableporridge.co.uk> skrev:
Tobias Gillström wrote:
Is the Icecast software running as a server-application and listening for connections from clients on port 8000?
I have no experience with audio streams and how they work, that is why I'm asking the stupid question of how the Icecast software works and how it connects.
[Icecast-server] client=no cert=fullchain.pem accept=8443 ;listening for secure connections connect=127.0.0.1:8000 ;makes unsecure connection to the Icecast software listening on port 8000 on localhost
Den lör 11 mars 2023 18:30 <nathan.king(a)unpredictableporridge.co.uk> skrev:
ringbretson@keplp.com wrote: I'm relatively new to stunnel, but I believe your connect should contain both IP and port. Like this. accept = 127.0.0.1:83 connect = 158.224.83.39:443 Thanks for that suggestion, ringbretson, appreciated.
However, have tried to make that change, and because Icecast runs on Port 8443 securely, and have stunnel set to the same Port, receive a blocked Port error message, whether I start Icecast or stunnel first.
Thanks for trying to help.
Essentially, yes, Tobias!
Have Icecast server on W10, setup for connections on Ports 8443 and 8000, the encoder software streams the audio to the Internet via these Ports, and have stunnel setup to listen to Port 8443, from Icecast Server/econder, encrypt, and send out on Port 8000.
At least, hope that is the case?!
Cheers. _______________________________________________ stunnel-users mailing list -- stunnel-users@stunnel.org To unsubscribe send an email to stunnel-users-leave@stunnel.org
That's right! Icecast Port 8000 is the standard port, 8443 is supposed to be the Port used for encryption, as I understand the setup.
If that is the case I think this configuration should do what you want. [Icecast-server] client=no cert=fullchain.pem accept=8443 ;listening for secure connections on port 8443 connect=127.0.0.1:8000 ;makes unsecured connection to the Icecast software on port 8000 Den lör 11 mars 2023 19:41 <nathan.king@unpredictableporridge.co.uk> skrev:
That's right!
Icecast Port 8000 is the standard port, 8443 is supposed to be the Port used for encryption, as I understand the setup. _______________________________________________ stunnel-users mailing list -- stunnel-users@stunnel.org To unsubscribe send an email to stunnel-users-leave@stunnel.org
participants (3)
-
nathan.king@unpredictableporridge.co.uk -
ringbretson@keplp.com -
Tobias Gillström