The prebuilt wowza aws instance is currently built on top of Amazon linux AMI which is so old.
- Please upgrade it to Amazon linux 2, because now as it stands I’m unable to run certbot, the letsencrypt SSL installer, it’s just too old and too problematic, not just regarding certbot.
- Wowza prebuilt instance currently listens by default to port 80, please disable that because no one would benefit if port 80 is enabled, every wowza developer knows that wowza runs on 1935, and more importantly, certbot needs port 80 to renew the SSL
Hi Elie,
Thanks for this feedback. I’m taking it to the Product and Engineering teams to see what we can do to make the developer experience with our AMI better.
Thanks,
Amara
just correcting a mistake I made:
First of all, I was able to install certbot after much struggle, because the official way is not supported.
https://medium.com/@mohan08p/install-and-renew-lets-encrypt-ssl-on-amazon-ami-6d3e0a61693
Regardless, the OS needs to be upgraded, it’s problematic and insecure to run old versions
Secondly port 80 needs to stay open on wowza, otherwise the browser won’t detect that SSL got installled successfully, unless there’s a webserver running on port 90,.
But port 443 on AWS wowza by default serves http, this should be removed, because no one ever serves http on 443, and the second you install SSL, you’ll need to remove port 443 from http and place it in https
So in short
-
Upgrade wowza aws OS
-
keep port 80 on AWS open
-
remove port 443 from serving http, whenever one installs SSL, he’ll add that in the https section of the VHost.xml
Elie, thanks for the update. I’m going to mark this response as an answer for now since you were able to get something working. I agree we need to upgrade.
We have updated the AMIs and confirmed they are available now.
Sorry to have previously been unclear, per our Engine team the latest AMI is running on the latest version of Linux 1, not Linux 2.