Wowza Community

Accessing streams via HTTPS not working


Using Wowza streaming engine on AWS and streaming via regular HTTP is working with a DASH player. need to get it working via HTTPS.

I followed the instructions in the “How to request an SSL certificate from a certificate authority” article, obtained and installed a cert and adjusted the VHost.xml file to uncomment the section. Ensured that our DNS had pointing at our AWS instance.

Test player still works when using HTTP and the old port. Also works if I use http and the domain name:

Also works if I use http and port 443 (which seems odd to me)

However, I cannot get any form of httpS to play a stream. I’ve tried 443 and 1935. MPEG-DASH and Adobe HDS. I feel like there must be a configuration step that was missed.

Here are the commands I used:

sudo keytool -genkey -keysize 2048 -alias wowza -keyalg RSA -keystore

(gave it as the first and last name)

sudo keytool -certreq -file -alias wowza -keyalg RSA -keystore

When I received the certs, I installed them:

sudo keytool -import -alias root -trustcacerts -file DigiCertCA.crt -keystore
sudo keytool -import -alias wowza -trustcacerts -file sentryvidserv_us.crt -keystore

Here is the result of keytool -list -keystore

Enter keystore password:  
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 2 entries
root, Oct 10, 2014, trustedCertEntry, 
Certificate fingerprint (SHA1): 1F:B8:6B:11:68:........:71:A4:B7:CC:B4
wowza, Oct 10, 2014, PrivateKeyEntry, 
Certificate fingerprint (SHA1): 43:AF:E0:BC:26:.......:A8:CB:CA:54:02:2B:AE:70

Here is the section of VHost.xml:

				<Name>Default SSL Streaming</Name>

What else needs to be done to enable streaming over HTTPS??

Many thanks,


Hello there and welcome to the Wowza support forum.

I am sorry I dont have much to offer here as I have not set this up myself. But looking closely at the guide and what you have shown, all I can see that is different is the “ssl” in the command lines.

What you have:

sudo keytool -genkey -keysize 2048 -alias wowza -keyalg RSA -keystore

What the guide shows:

keytool -certreq -file -alias wowza -keyalg RSA -keystore [B]ssl[/B]

I notice you omitted the “ssl” part in most of the command lines, and included it on one.

Also, in the VHost you have:


And the guide mentions:


Lastly, the guide provides a link to a troubleshooting guide:

A bug in the Oracle Java Development Kit (JDK) affects connections that use Secure Sockets Layer (SSL) certificates. Occasionally the SSL handshake fails during Diffie-Hellman key exchange and the connection hangs. For more information, see How to fix intermittent HTTP/SSL failure (padding exception).

Again, I apologize for not having more to offer. If you still need help and no one from support has replied you could open a support ticket by zipping the following directories and sending them to





Kind regards,



This is a rather old ticket and may or may not be relevant to the issue you are experiencing. I would suggest that you open a support ticket with us and include the steps you’ve taken and we can look at your specific workflow. Include a zip of your /conf and /logs too.


You are very observant Savadore!

Thanks much for your input. I do believe that (without the SSL) is correct for us, but I am not 100% sure. I have a support ticket open. Looking through my command history you might be right that I included the ssl. in front of the keystore on the import of the “wowza” cert. I will re-try and see if it helps.



How do you have resolve this? I have the same probs


the same is happening to me, any solution?