I have a wildcard SSL certification for my domain (which was created with openssl and signed by a known CA) and I was trying to use it with Wowza. I’m not sure what should go in keystorepath, is it just the cert? The cert and the PEM key that I have for this cert? When I just put in the cert and try to connect via HTTPS (for cupertino streaming) I get:
Connecting to 127.0.0.1:443… connected.
OpenSSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
Unable to establish SSL connection.
Any help would be appreciated.
–dan
I really don’t know. I might try accessing using different tools. I have not had good luck with self-signed certs.
Charlie
I actually also followed that guide and created a self signed cert, still getting the problem (trying to retrieve using wget)
keytool -printcert -v -file /Users/dan/off/fandor/certificates/f/out.cert
Owner: CN=Dan Aronson, OU=Unknown, O=Fandor, L=San Francisco, ST=CA, C=US
Issuer: CN=Dan Aronson, OU=Unknown, O=Fandor, L=San Francisco, ST=CA, C=US
Serial number: 4e592264
Valid from: Sat Aug 27 09:59:16 PDT 2011 until: Fri Nov 25 08:59:16 PST 2011
Certificate fingerprints:
MD5: 12:C8:7D:E8:9A:05:A2:EA:36:9B:67:DA:52:E6:79:F4
SHA1: F1:2D:22:D5:ED:DE:92:BD:E8:73:79:9A:9A:1C:85:21:5B:2D:0E:F7
Signature algorithm name: SHA1withRSA
Version: 3
in Vhosts.xml
/Users/dan/off/fandor/certificates/f/out.cert
******
JKS
TLS
SunX509
Output from wget:
wget https://127.0.0.1/fandor/smil:000257_fallen_angels_-w-_-b-kbps.smil/playlist.m3u8
–12:13:08-- https://127.0.0.1/fandor/smil:000257_fallen_angels_-w-_-b-kbps.smil/playlist.m3u8
=> `playlist.m3u8’
Connecting to 127.0.0.1:443… connected.
OpenSSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
Unable to establish SSL connection.
I’m sure that’s not the problem. I’m loathe to pay for another cert until I can see that this works, wget works fine with self signed certs for webservers. Here’s an example of using it against a self-signed cert…
wget https://repository.fandor.com
–16:53:04-- https://repository.fandor.com/
=> `index.html’
Resolving repository.fandor.com… 70.35.42.124
Connecting to repository.fandor.com|70.35.42.124|:443… connected.
ERROR: Certificate verification error for repository.fandor.com: self signed certificate
To connect to repository.fandor.com insecurely, use `–no-check-certificate’.
Unable to establish SSL connection.
got it, i was just editing the conf file and putting the 443 port in the wrong place.
–dan