I am using Wowza 4.5.0

I want to stream wowza over https.

To run wowza over https I follow below mention steps.

1.Generate a Java KeyStore (JKS)

Commands

openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout abc.key -out abc.crt
openssl pkcs12 -export -in abc.crt -inkey abc.key -out abc.p12
keytool -importkeystore -srckeystore abc.p12 -srcstoretype PKCS12 -destkeystore abc.jks -deststoretype JKS[CODE]
2.Copy generated Java Keystore into [wowza_dir]/conf directory.
3.Enable SSL protocol info adding new property at the bottom of file [wowza_dir]/conf/Server.xml
[CODE]<Property>
	<Name>sslLogProtocolInfo</Name>
	<Value>true</Value>
	<Type>Boolean</Type>
</Property>[CODE]
4. Configure SSL settings at the [wowza_dir]/conf/VHost.xml file (SSLConfig block) opening new port for SSL. 
[CODE]<Name>Default SSL Streaming</Name>
<Type>Streaming</Type>
<ProcessorCount>${com.wowza.wms.TuningAuto}</ProcessorCount>
<IpAddress>*</IpAddress>
<Port>4443</Port>
<HTTPIdent2Response></HTTPIdent2Response>
<SSLConfig>
	<KeyStorePath>${com.wowza.wms.context.VHostConfigHome}/conf/abc.jks</KeyStorePath>
	<KeyStorePassword>[your_password_here]</KeyStorePassword>
	<KeyStoreType>JKS</KeyStoreType>
	<SSLProtocol>TLS</SSLProtocol>
	<Algorithm>SunX509</Algorithm>
	<CipherSuites>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256</CipherSuites>
	<Protocols>TLSv1,TLSv1.1,TLSv1.2</Protocols>
</SSLConfig>[CODE]
5. Restart Wowza.
But this is not works for me.
When I hit https://[wowza-ip-address]:4443 to browser url it shows "Secure Connection Failed".
When I use https in jwplayer it shows "Can not load m3u8:404 not found"
Jwplayer Part : 
file: "https://[wowza-ip-address]:4443/vod/mp4:sample.mp4/playlist.m3u8"
How can I ensure steps which I follow is correct and now wowza is able to stream over https? 
Please find below log:
[CODE]
2016-10-05	10:25:44	IST	comment	vhost	INFO	200	_defaultVHost_	SSL ([any]:4443): keyStorePath:C:/Program Files (x86)/Wowza Media Systems/Wowza Streaming Engine 4.5.0/conf/ssl.mycompany.com.jks	-	-	-	19.546	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-
2016-10-05	10:25:44	IST	comment	server	INFO	200	-	REST API: ready	-	-	-	19.552	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-
2016-10-05	10:25:44	IST	comment	server	INFO	200	-	SSLInfo.CipherSuitesSupported: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,TLS_EMPTY_RENEGOTIATION_INFO_SCSV,TLS_DH_anon_WITH_AES_128_GCM_SHA256,TLS_DH_anon_WITH_AES_128_CBC_SHA256,TLS_ECDH_anon_WITH_AES_128_CBC_SHA,TLS_DH_anon_WITH_AES_128_CBC_SHA,TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA,SSL_DH_anon_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_DES_CBC_SHA,SSL_DHE_RSA_WITH_DES_CBC_SHA,SSL_DHE_DSS_WITH_DES_CBC_SHA,SSL_DH_anon_WITH_DES_CBC_SHA,SSL_RSA_EXPORT_WITH_DES40_CBC_SHA,SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA,TLS_RSA_WITH_NULL_SHA256,TLS_ECDHE_ECDSA_WITH_NULL_SHA,TLS_ECDHE_RSA_WITH_NULL_SHA,SSL_RSA_WITH_NULL_SHA,TLS_ECDH_ECDSA_WITH_NULL_SHA,TLS_ECDH_RSA_WITH_NULL_SHA,TLS_ECDH_anon_WITH_NULL_SHA,SSL_RSA_WITH_NULL_MD5,TLS_KRB5_WITH_3DES_EDE_CBC_SHA,TLS_KRB5_WITH_3DES_EDE_CBC_MD5,TLS_KRB5_WITH_DES_CBC_SHA,TLS_KRB5_WITH_DES_CBC_MD5,TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA,TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5	-	-	-	19.748	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-
2016-10-05	10:25:44	IST	comment	server	INFO	200	-	SSLInfo.CipherSuitesEnabled: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256	-	-	-	19.748	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-
2016-10-05	10:25:44	IST	comment	server	INFO	200	-	SSLInfo.ProtocolsSupported: SSLv2Hello,SSLv3,TLSv1,TLSv1.1,TLSv1.2	-	-	-	19.748	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-
2016-10-05	10:25:44	IST	comment	server	INFO	200	-	SSLInfo.ProtocolsEnabled: TLSv1,TLSv1.1,TLSv1.2	-	-	-	19.749	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-
2016-10-05	10:25:44	IST	comment	vhost	INFO	200	_defaultVHost_	Bind attempt ([any]:4443:8)	-	-	-	19.749	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-
2016-10-05	10:25:44	IST	comment	vhost	INFO	200	_defaultVHost_	Bind successful ([any]:4443)	-	-	-	19.755	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-
2016-10-05	10:25:44	IST	comment	server	INFO	200	-	Server.startShutdownHook: Start server shutdown hook	-	-	-	19.757	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-
2016-10-05	10:25:44	IST	comment	server	INFO	200	-	StatsManager:startManager() Enabled=true	-	-	-	19.974	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-
2016-10-05	10:25:44	IST	comment	server	INFO	200	-	Wowza Streaming Engine is started!	-	-	-	19.974	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-
2016-10-05	10:47:27	IST	comment	server	INFO	200	-	killUnidentifiedSessions: Killing unidentified session: address:/127.0.0.1:50594	-	-	-	1322.803	-	-	-
[CODE]
Please provide me a solution. I want to stream wowza over https.
Thanks

Hello,

I would recommend going over this article in creating an SLL Certificate:

https://www.wowza.com/docs/how-to-request-an-ssl-certificate-from-a-certificate-authority

How to troubleshoot SSL certificate configuration:

https://www.wowza.com/docs/how-to-troubleshoot-ssl-certificate-configuration

If that does not help, please send the below to Wowza Support.

[install-dir]/conf (including SSL cert)

[install-dir]/logs

If you are not sure how to get this information please see the following tutorial.

https://www.wowza.com/docs/how-to-create-a-compressed-zip-file-in-windows-os-x-and-linux

Regards,

JasonT

Hi @Jason Tuchler,

Is it possible to use self signed certificate to test Wowza stream engine for Web RTC in localhost.

Thanks in advance man.

Hello @Jithin Wilfred

Yes, as long as your certificate authority accepts using a localhost address this should be possible. Please review our article on how to request a self-signed certificate:

https://www.wowza.com/docs/how-to-request-an-ssl-certificate-from-a-certificate-authority

Then in your host file you’ll add your local address and domain name.

127.0.0.1       ssl.mycompany.com

Regards,

JasonT