REST-API with SSL unable to log into Wowza Engine Manager

Hello,

we’ve got our Wowza Server off site, to ensure more security I’ve configured the Engine Manager in the tomcat.properties to use SSL:

httpsPort=8090
httpsKeyStore=conf/mycertificate.domain.co.at.jks
httpsKeyStorePassword=xyz
#httpsKeyAlias=[key-alias]

The Engine Manager is working fine with the ssl connection. But as soon, as I turn on ssl in the server.xml to ensure the REST-API is connected via SSL:

<?xml version="1.0" encoding="UTF-8"?>
<Root version="3">
	<Server>
		<Name>Wowza Streaming Engine</Name>
		<Description>Wowza Streaming Engine is robust, customizable, and scalable server software that powers reliable streaming of high-quality video and audio to any device, anywhere.</Description>
		<RESTInterface>
			<Enable>true</Enable>
			<IPAddress>*</IPAddress>
			<Port>8087</Port>
			<!-- none, basic, digest, remotehttp, digestfile-->
			<AuthenticationMethod>basic</AuthenticationMethod>
			<!-- cleartext, digest, bcrypt -->
			<PasswordEncodingScheme>bcrypt</PasswordEncodingScheme>
			<DiagnosticURLEnable>true</DiagnosticURLEnable>
			<SSLConfig>
				<Enable>true</Enable>
				<KeyStorePath>${com.wowza.wms.context.VHostConfigHome}/conf/mycertificate.domain.co.at.jks</KeyStorePath>
				<KeyStorePassword>xyz</KeyStorePassword>
				<KeyStoreType>JKS</KeyStoreType>
				<SSLProtocol>TLS</SSLProtocol>
				<Algorithm>SunX509</Algorithm>
				<CipherSuites></CipherSuites>
				<Protocols></Protocols>
			</SSLConfig>
			<IPWhiteList>127.0.0.1,xxx.serverip.xxx</IPWhiteList>
			<IPBlackList></IPBlackList>
			<EnableXMLFile>false</EnableXMLFile>
			<DocumentationServerEnable>false</DocumentationServerEnable>
			<DocumentationServerPort>8089</DocumentationServerPort>
			<!-- none(only) -->
			<DocumentationServerAuthenticationMethod>none</DocumentationServerAuthenticationMethod>
			<Properties>
			</Properties>
		</RESTInterface>
		<CommandInterface>
			<HostPort>
				<ProcessorCount>${com.wowza.wms.TuningAuto}</ProcessorCount>
				<IpAddress>*</IpAddress>
				<Port>8083</Port>
			</HostPort>
		</CommandInterface>
		<AdminInterface>
			<!-- Objects exposed through JMX interface: Server, VHost, VHostItem, Application, ApplicationInstance, MediaCaster, Module, Client, MediaStream, SharedObject, Acceptor, IdleWorker -->
			<ObjectList>Server,VHost,VHostItem,Application,ApplicationInstance,MediaCaster,Module,IdleWorker</ObjectList>
		</AdminInterface>
		<Stats>

I get the following message, after entering the credentials.

Wowza Streaming Engine Manager could not connect to the Wowza Streaming Engine service(http://localhost:8087). Verify that the Wowza Streaming Engine service has started and is running.

Are ther any other settings missing, to ensure the Streaming Engine Manager uses https?

Thank you, best regards
Gerhard

You can check our troubleshooting article for this exact error in our FAQ page.

https://support.wowza.com/hc/en-us/articles/1260803011850-I-Can-t-Login-to-Streaming-Engine-Manager

You’ll need to check you’re using the correct ports as explained in the article. SSL requires its own for example.

Hello,

the streaming engine is up and running (I can’t play around on an productive environment, therefore I use a trial Licence for this server)

netstat seems to be ok, 8088 and 1935 are listening

Should the 8087 Listen?

root@wow:/etc/shorewall # netstat -an | grep '8086'
tcp        0      0 0.0.0.0:8086            0.0.0.0:*               LISTEN
root@wow:/etc/shorewall # netstat -an | grep '8087'
root@wow:/etc/shorewall # netstat -an | grep '8088'
tcp        0      0 0.0.0.0:8088            0.0.0.0:*               LISTEN

Firewall for 8087 is open.

Thank you for your help!

@gsa, did you figure out how to get around this issue? I am experiencing the exact same. I have my streamlock file I am able to browse to the Streaming Engine Manager page using HTTPS. I have enabled SSL on the REST config like in your code snippet and have set my streamlock file and password but I get the same error as you have stated.

Thanks

Hi Simon,
Thank you for reaching out to us via the forum. I recommend that you create a support ticket so that we can investigate this issue further.
https://www.wowza.com/support/open-ticket

When creating a ticket, please ensure that you include a ZIP file containing the following directories:
[Wowza-Install]/conf/
[Wowza-Install]/logs/
[Wowza-Install]/manager/conf/
[Wowza-Install]/manager/logs/

Note: Only the latest log files showing the issue are required.

Regards,
Jason Hilton
Senior Technical Support Engineer
Wowza Media Systems | The solution you start with, the partner you scale with.

Hi Simon,

no I wasn’t successfull, I use a workaround, to check my REST API local via a nrpe client.
Therefore https StreamingEngineManager is working, and the API local too.

Sorry, I’m not able to help here, but the Wowza Staff is very helpfull!

Best regards
Gerhard

Thanks @gsa. @Jason_Hilton I have just created a support ticket. Thanks

Based on the error you have I think your Wowza Streaming Engine Manager login page needs to have the SSL domain entered instead of the localhost. Something like this:

Screenshot 2023-05-03 at 9.42.32 AM321×485 17.9 KB

To close the loop on this, the SSL certificate used for the REST API had been configured incorrectly. After resolving this, the REST API works as expected over SSL with Wowza Streaming Engine Manager and other REST API clients.

Regards,
Jason Hilton
Senior Technical Support Engineer
WOWZA | The solution you start with, the partner you scale with.

Manage your Support cases online
Bookmark our FAQ page
Bookmark our Status page