I have followed the instructions on setting up StreamLock but still cannot stream anything over https on the Wowza Player Builder while streaming over http works as expected. The error that is showing on the player says: “Stream unavailable. Check cross-origin policy”.

I followed all directions in here

https://www.wowza.com/docs/how-to-get-ssl-certificates-from-the-streamlock-service

And Here

https://www.wowza.com/docs/how-to-enable-cross-origin-resource-sharing-cors-for-http-based-streams

At this point I am not sure if there is any setting that is missing to properly allow streaming over HTTPS and any help will be appreciated.

Make sure to use the DNS name for your StreamLock certificate as DNS does not support IP addresses.

Also make sure that both your page and the URL both use HTTPS. Mixing HTTP and HTTPS will generate a Cross Origin Resource Sharing (CORS) issue.

Thanks for the reply.

Not sure that I follow. StreamLock required an IP address when setting up the certificate which I provided.

I am trying to view

https://5cdc5669110b0.streamlock.net/LAEX/Wowza+Test.stream/playlist.m3u8

From

https://player.wowza.com/en/builder

both are HTTPS

Make sure that you are pointing SSL to Wowza Streaming Engine. You likely have port 443 pointing to a web server and the name mismatch between the DNS name and the certificate is causing self signed error.
https://5cdc5669110b0.streamlock.net/

Below is what you should see if your configuration was correct.
http://5cdc5669110b0.streamlock.net:1935/

OK, that works but I need HTTPS playback, how can I get that?

Thanks!

"Below is what you should see if your configuration was correct.

http://5cdc5669110b0.streamlock.net:1935/"

OK, that works but is still http and https is needed! Please, help us to get that.

Thanks

I have the same issue. After getting a streamlock certificate and installing it this works:

http://[mystreamlock].streamlock.net:443/lives3/Stream1/playlist.m3u8

but this doesn’t

https://[mystreamlock].streamlock.net/lives3/Stream1/playlist.m3u8

https://[mystreamlock].streamlock.net:443/lives3/Stream1/playlist.m3u8

Any ideas? Thanks

Hi,

https://[mystreamlock].streamlock.net/lives3/Stream1/playlist.m3u8 worked for me.

LP

Thanks Emanuel. For me it doesn’t. I suspect it’s a port issue. Do you run your WSE on an Amazon EC2 server? Do you know if I have to change the inbound rules for the server in the security group?

This is what I have:

Custom TCP Rule TCP 8087 0.0.0.0/0

Custom TCP Rule TCP 8087 ::/0

Custom TCP Rule TCP 8084 - 8085 0.0.0.0/0

HTTP TCP 80 0.0.0.0/0

Custom TCP Rule TCP 1935 0.0.0.0/0

Custom TCP Rule TCP 554 0.0.0.0/0

SSH TCP 22 0.0.0.0/0

Custom TCP Rule TCP 21 0.0.0.0/0

Custom TCP Rule TCP 8086 0.0.0.0/0

Custom TCP Rule TCP 8088 0.0.0.0/0

HTTPS TCP 443 0.0.0.0/0

Custom UDP Rule UDP 6970 - 9999 0.0.0.0/0

(sorry for the bad formatting)

Hi David,

I don’t run WSE on an Amazon EC2, my CDN is in my private network.

Per tech support @David Gryn and @Emanuel Barreto

Going to the following website you can check to see if the certificate is configured correctly. In this case port 443 is used by IIS. You may be running it and WSE on the same server or using a NAT to forward ports to the appropriate server.

https://www.sslshopper.com/ssl-checker.html

Once there, you can input your certificate name. This is a hotlink to that website’s results for their StreamLock certificate.

https://www.sslshopper.com/ssl-checker.html#hostname=5cdc5669110b0.streamlock.net

You must ensure that you change the port from 443 to something like 4443 in Wowza Streaming Engine Manager, open up and forward that port to WSE, and then test to see if it works. Their StreamLock certificate URL using port 4443 would look like this.

https://www.sslshopper.com/ssl-checker.html#hostname=5cdc5669110b0.streamlock.net:4443

If that doesn’t work, feel free to send over a support ticket David and we’ll find the problem for you. Thanks Emanual for jumping in to try and help!

Thanks Rose. This has helped me identify a stupid mistake I made in the virtual host setup… Only added the path to the /conf and forgot to add the name of the certificate.

All working as it should now.

Thanks!

Fantastic news! Thanks for letting us know.