SSL configuration improvements in Wowza media server

This article describes how to configure SSL-related properties, including the SSLConfig/CipherSuites and SSLConfig/Protocols filters, used by Wowza Streaming Engine™ media server software:

How to improve SSL configuration

<Property>
	<Name>sslLogProtocolInfo</Name>
	<Value>true</Value>
	<Type>Boolean</Type>
</Property>

INFO server comment - SSLInfo.ProtocolsSupported: SSLv2Hello,SSLv3,TLSv1,TLSv1.1,TLSv1.2
INFO server comment - SSLInfo.ProtocolsEnabled: SSLv2Hello,TLSv1,TLSv1.1,TLSv1.2

While I can’t confirm that the definition above displays anything in the latest Wowza (no SSLInfo lines anywhere), the two INFO lines provided here gave me enough information to turn off SSLv3 protocol in the latest version. Complete SSL block is poorly documented - in documentation only JKS is mentioned (I had to use PKCS12), and weirdly enough I had an issue with JKS which was beyond any debug information,… keytool reported all keys in JKS and valid, Wowza did not complain, but HTTPS/SSL was far from functional… changing the keys to PKCS12 solved it for me. It’s good that I’m stubborn or I would give up hours ago because most of it was guess work and very vague, sparse and infrequent information… not what I’m used to from Wowza.