Wowza Community

Using a pem SSL certificate

I have a wildcard SSL certificate that I’d like to add to my Wowza install. I followed the guide here: https://www.wowza.com/docs/how-to-request-an-ssl-certificate-from-a-certificate-authority , but only the parts about importing certificates and configuring VHOST.xml.

The first to add the CA’s certificate, and the second to add the certificate specific to my domain name.

In VHost.xml, I removed the comment tags from the SSL vhost. It was pretty much all ready to go, I just changed the KeyStorePath to reflect the same name I used above, and added my password to KeyStorePassword.

Wowza starts up fine, but when I try to access the server, I see the following issue:
error:1400410B:SSL routines:CONNECT_CR_SRVR_HELLO:wrong version number

I enabled DEBUG logging and am seeing “SSL handshake failed messages.” So something went wrong, I’m guessing in the import part.

Is this a known issue? Can anyone give me any clues here?
Thank you

Let m see what I can find for that error and be back soon here.

Hey @Mark_Clevelland so this error usually indicates a protocol configuration error, though we would need to see your configuration files to confirm that in a ticket.

Another thing to check is the port and make sure you are only using that port for the SSL cert. It can’t be in use for anything else at the same time. I see in a support ticket where that did solve the problem for someone having a similar issue and that exact error.

For example let’s say you are changing to 8443

To change the default port, change the port setting by editing the HostPort in Wowza Streaming Engine Manager

  1. Click Server at the top of the manager page, and then click Virtual Host Setup in the contents panel.
  2. Click Edit
  3. Locate the SSL cert entry and click the edit icon under Action (it resembles a pencil)
  4. Enter the new port number.

You can also manually edit the VHost.xml file to change this port as such:

  1. Edit [install-directory]/conf/VHost.xml ,
  2. Locate the section where the Default SSL Streaming is defined as port 443 , change this value to the port you choose to use for SSL cert.
    Save the file to write changes to the config then,
  3. Restart Wowza Media Server to apply the changes.