• How to connect to Wowza Streaming Engine Manager over HTTPS

    This article describes how to configure Wowza Streaming Engine Manager to use Secure Sockets Layer (SSL) certificates so you can connect to it using HTTPS.

    Note: You can use SSL certificates provided by Wowza StreamLock™ or from an SSL certificate authority. For more information about Wowza StreamLock, see How to get SSL certificates from the StreamLock service.

    Configuration


    This article describes how to add the following parameters that enable SSL in Wowza Streaming Engine Manager:

    • httpsPort
    • httpsKeyStore
    • httpsKeyStorePassword

    To enable SSL, modify the startmgr.bat file (Windows) or startmgr.sh file (Linux) in the Wowza Streaming Engine installation folder [install-dir]/manager/bin using a text editor. Add the parameters after --httpPort=8088 and change the appropriate values as shown in the following examples:

    Windows


    --httpsPort=[port-number] --httpsKeyStore="%WMSMGR_HOME%..conf[StreamLockID].streamlock.net.jks" --httpsKeyStorePassword="[password]"

    Linux


    --httpsPort=[port-number] --httpsKeyStore="$WMSMGR_HOME/../conf/[StreamLockID].streamlock.net.jks" --httpsKeyStorePassword="[password]"

    Notes:
    • Important: The httpsPort number must be different than the httpPort number (8080). For example, set the httpsPort number to 8090. Make sure that there's no other service running on the same computer that's using the newly assigned httpsPort port number.

    • The httpsKeyStorePassword can be the same password used to sign in to Wowza Streaming Engine Manager.

    Windows configuration

    Open the [install-dir]/manager/bin/startmgr.bat file in a text editor and look for the following line:

    "%_EXECJAVA%" %JAVA_OPTS% -jar "%WMSMGR_HOME%libwms-winstone-1.0.5-boot.jar" --prefix="/enginemanager" --defaultWebApp="/enginemanager" --tempDirectory="%WMSMGR_HOME% emp" --webroot="%WMSMGR_HOME% emp" --warfile="%WMSMGR_HOME%libWMSManager.war" --httpPort=8088 --ajp13Port=-1 --directoryListings=false

    Add the SSL parameters. The result should look like this:

    "%_EXECJAVA%" %JAVA_OPTS% -jar "%WMSMGR_HOME%libwms-winstone-1.0.5-boot.jar" --prefix="/enginemanager" --defaultWebApp="/enginemanager" --tempDirectory="%WMSMGR_HOME% emp" --webroot="%WMSMGR_HOME% emp" --warfile="%WMSMGR_HOME%libWMSManager.war" --httpPort=8088 --httpsPort=8090 --httpsKeyStore="%WMSMGR_HOME%..conf[StreamLockID].streamlock.net.jks" --httpsKeyStorePassword=[password] --ajp13Port=-1 --directoryListings=false

    Save the updated startmgr.bat file, and then restart the Streaming Engine Manager service for the new configuration settings to take effect. See How to start and stop Wowza Streaming Engine software.

    Linux configuration

    Open the [install-dir]/manager/bin/startmgr.sh file in a text editor and look for the following line:

    CMD="$_EXECJAVA -Dcom.wowza.wms.ConfigURL="" -Dcom.wowza.wms.ConfigHome=$WMSMGR_HOME -Djava.io.tmpdir=$WMSMGR_HOME/temp -Dlog4j.configuration=file://$WMSMGR_HOME/conf/winstone.properties -jar $WMSMGR_HOME/lib/wms-winstone-1.0.5-boot.jar --prefix="/enginemanager" --defaultWebApp="/enginemanager" --tempDirectory=$WMSMGR_HOME/temp --webroot=$WMSMGR_HOME/temp --warfile=$WMSMGR_HOME/lib/WMSManager.war --httpPort=8088 --directoryListings=false"

    Add the SSL parameters. The result should look like this:

    CMD="$_EXECJAVA -Dcom.wowza.wms.ConfigURL="" -Dcom.wowza.wms.ConfigHome=$WMSMGR_HOME -Djava.io.tmpdir=$WMSMGR_HOME/temp -Dlog4j.configuration=file://$WMSMGR_HOME/conf/winstone.properties -jar $WMSMGR_HOME/lib/wms-winstone-1.0.5-boot.jar --prefix="/enginemanager" --defaultWebApp="/enginemanager" --tempDirectory=$WMSMGR_HOME/temp --webroot=$WMSMGR_HOME/temp --warfile=$WMSMGR_HOME/lib/WMSManager.war --httpPort=8088 --httpsPort=8090 --httpsKeyStore="$WMSMGR_HOME/../conf/[StreamLockID].streamlock.net.jks" --httpsKeyStorePassword="password"--directoryListings=false"

    Save the updated startmgr.sh file, and then restart the Streaming Engine Manager service for the new configuration settings to take effect. See How to start and stop Wowza Streaming Engine software.

    Connect to Wowza Streaming Engine Manager using HTTPS


    In a web browser, connect to Wowza Streaming Engine Manager using HTTPS and the new port number defined in the startmgr.bat or startmgr.sh file:

    https://[StreamLockID].streamlock.net:[https-port-number]/enginemanager/

    The [StreamLockID].streamlock.net is the unique StreamLock domain name for your Wowza Streaming Engine instance.

    Note: After you confirm that you can connect to the manager over HTTPS, you can disable HTTP connections by setting --httpPort=-1 in startmgr.bat or startmgr.sh so that only HTTPS connections with the defined port are allowed.

    Originally Published: For Wowza Streaming Engine on 03-31-2015.

    If you're having problems or want to discuss this article, post in our forum.