Results 1 to 5 of 5

Thread: Wowza Not Binding to SSL Port

  1. #1
    Join Date
    Apr 2014
    Posts
    8

    Exclamation Wowza Not Binding to SSL Port

    Hi I have a bit of a problem here. I went ahead and installed our SSL certificate onto our server. https://reefs.reefcam.tv/Cayman by clicking on that link. It should produce the wowza default page on the https:// connection. In fact if I put this into internet explorer or into firefox, I appear to make a successful connection on port 443 by using https://reefs.reefcam.tv if I load a playlist in ie or ff, they are downloaded, I can see they are accessing http://reefs.reefcam.tv:443 which appears to be the port that SSL has binded too.
    However, when I try to open the https:// url inside of chrome or any type of video player embeded into the page, I cannot connect to the SSL socket at all. There is no errors in the logs. according to firefox and internet explorer the certificate that is set up on the domain is correct. I used these instructions here http://www.wowza.com/forums/content.php?128 and go the certificate installed on the server. I've already been through the keytool a million times and their does not appear to be any problem with the certificate. I did however, find a thread that says to add something like this into Application.xml for one of the apps.

                      <Property>
                                            <Name>cupertinoEncryptionBaseURL</Name>
                                            <Value>https://reefs.reefcam.tv</Value>
                                    </Property>
    Adding or removing this value makes little difference.

    netstat -tulp | grep https
    tcp        0      0 *:https                 *:*                     LISTEN      6186/java
    likewise

    netstat -tulpn | grep 443
    tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      6186/java
    and
    netstat -tulpn | grep 1935
    tcp        0      0 0.0.0.0:1935            0.0.0.0:*               LISTEN      6186/java
    and
    netstat -tulp | grep http
    tcp        0      0 ds6880.dreamservers:www *:*                     LISTEN      5836/httpd-argon-ht
    tcp        0      0 *:https                 *:*                     LISTEN      6186/java


    Also when I point to this domain reefs.reefcam.tv https://www.geocerts.com/ssl_checker and I type in reefs.reefcam.tv and use 443 certificate appears valid. Like I am returning in Firefox and Chrome. This test works on Chrome.

    When I do this test http://www.sslshopper.com/ssl-checke...efs.reefcam.tv it is failing with about the same problem I am describing.

    Anyone have any ideas why the SSL is not working? Your help would save me a lot of time and money.
    Thank You, John Anderson http://www.vermontinternetdesign.com
    Last edited by chillininvt; 04-26-2014 at 04:38 AM.

  2. #2
    Join Date
    Apr 2014
    Posts
    8

    Default Solved

    Hi, I solved my own problem. It appears that there was a problem with the SSL handshake. Proved to not be a problem on some systems. However, changing the iptables on my server worked wonders. This is one of those servers where some people have access to it through a control panel, some people have access to it through the bash shell. I use the server from the Bash Shell and people with access to the server through the default control panel can over ride each others settings. There was a hidden set of iptables rules that was causing the server to reject certain requests to it.
    So simply flushing the
     iptables -F
    then
    iptables-restore /root/rules.bak
    worked wonders from this job. So I will just leave this posted for the next guy, with a similar problem.

  3. #3
    Join Date
    Apr 2014
    Posts
    8

    Default

    Actually I spoke too soon, what I am noticing is that I am able to view the engine in https if I have Fiddler Web Debugger turned on and handling the ssl. If I shut it off and let chrome try to do it the problem still happens.

  4. #4
    Join Date
    Apr 2014
    Posts
    8

    Default Talking to myself

    I tried using one of the StreamLock certificates that does not work either. Still have the same problem in Chrome. In Internet Explorer it shows TLS 1.0, AES with 128 bit encryption (High); RSA with 2048 bit exchange as for the java information on the server its as follows.

    Java Version
    1.6.0_07
    Java VM Version
    10.0-b23
    Java Architecture
    64
    Java Name
    Java HotSpot(TM) 64-Bit Server VM
    Java Vendor
    Sun Microsystems Inc

    Any suggestions

  5. #5
    Join Date
    Dec 2007
    Posts
    22,013

    Default

    Sorry for the oversight. There was a DNS problem with StreamLock, which has been resolved. I hope that resolved this problem. Let me know otherwise.

    Richard

Similar Threads

  1. Replies: 1
    Last Post: 01-24-2013, 10:04 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •