Manage StreamLock SSL/TLS certificates

Manage your Wowza StreamLock™ SSL/TLS certificates and troubleshoot their configuration in Wowza Streaming Engine™ media server software.

Manage your StreamLock certificates


Log in with your Wowza account credentials

Log in to the Wowza account associated with your StreamLock certificates from the Account Management page and go to the StreamLock tab. Then, see the following sections for ways you can manage your StreamLock certificates.

Change the StreamLock certificate password

Every time you download your certificate, you will be prompted to create a password to encrypt the certificate. The password you create here will need to be entered when configuring a host port to use the StreamLock certificate. The password is saved in [install-dir]/conf/VHost.xml as the SSLConfig/KeyStorePassword property value.

To change the certificate password, do the following:

  1. In the My SSL certificates table, under Certificate Information, click Download certificate for the certificate.
     
  2. Enter a new unique password for the certificate in both boxes. You must enter the same password in both boxes.
     
    Note: Requirements for a valid password include:
     
    • 6 to 30 characters
    • Begins with an alphabetic character (a letter)
    • Only alphanumeric characters and special characters like underscore (_), dollar ($), pound (#)
    • At least one number
  3. Click OK. Your new certificate will then download.

If you previously installed the certificate with a Wowza Streaming Engine instance, it will continue to work after changing the password. If you install the updated certificate with a Wowza Streaming Engine instance, you will need to enter the new password for Keystore Password. See Configuring Wowza Streaming Engine to use your StreamLock certificate.

Change the server IP address

To change the IP address of the Wowza Streaming Engine instance that's associated with your StreamLock certificate, do the following:

  1. In the My SSL certificates table, under IP Address, click Change next to the IP address that you want to change.
     
  2. Enter the new IP address, and then click OK. Updates should be effective immediately, but if the previous IP address was cached by a DNS server you may have to wait for the cache to age out.
  3. Click Download certificate under Certificate Information.

If you previously installed the certificate with a Wowza Streaming Engine instance, it will continue to work after changing the IP address.

Renew an expiring StreamLock certificate

StreamLock certificates are valid for 365 days, unless they are associated with a Trial license, in which case they are valid for 30 days. StreamLock certificates are eligible for renewal within 28 days of expiring, unless they are associated with a Trial license. Check a certificate's expiration date in the My SSL Certificates table under Certificate Information. If a certificate is within 28 days of expiring, the expiration date should appear in red text, and a Renew link appears. To renew an existing certificate, do the following:

  1. In the My SSL certificates table, locate the certificate to renew.
  2. Under Certificate Information, click Renew. It may take up to an hour for your certificate to be updated. If no option to renew is visible, your certificate does not require renewal yet.
  3. Click Download certificate under Certificate Information.
  4. Install the updated certificate and then reconfigure the host port to use it. See Configuring Wowza Streaming Engine to use your StreamLock certificate.
Important: When you renew a certificate, you need to download, install, and configure the updated certificate. We highly recommend you install the updated certificate on the applicable Wowza Streaming Engine instance immediately to avoid interruption of streaming from that server to your end users.
Note: If you need to replace a certificate, for example if it becomes corrupted, contact Support.