Icecast Server/known https restrictions: Difference between revisions

From XiphWiki
Jump to navigation Jump to search
m (Info on cert reload)
(+TLS Mode compatibility charts)
Line 6: Line 6:
* Certificate reload is not implemented in 2.4.x. Icecast2 2.4.x needs to be restarted to reload the certificate.
* Certificate reload is not implemented in 2.4.x. Icecast2 2.4.x needs to be restarted to reload the certificate.
* …
* …
== TLS Mode compatibility charts ==
The following list Icecast configuration settings (horizontal) versus client settings (vertical).
Note: While auto mode may connect using TLS it will not establish a secure connection. auto_no_plain will ensure a secure connection.
=== Icecast2 2.4.x ===
{| class="wikitable"
! !! 0 !! 1
|-
! colspan="3" | libshout
|-
! disabled
| Yes || No
|-
! auto
| Yes || Yes
|-
! auto_no_plain
| No || Yes
|-
! RFC2817
| No || No
|-
! RFC2818
| No || Yes
|}
=== Icecast2 2.5.x ===
Note: for truth values the following keywords can be used in the configuration: 0, false, no, off, 1, true, yes, on
{| class="wikitable"
!
! TLS not configured
! colspan="2" | TLS configured
|-
! !! false !! false !! true
|-
! colspan="4" | libshout
|-
! disabled
| Yes || Yes || No
|-
! auto
| Yes || Yes || Yes
|-
! auto_no_plain
| No || Yes || Yes
|-
! RFC2817
| No || Yes || Yes
|-
! RFC2818
| No || No || Yes
|}
=== Icecast2 2.5.x branch ph3-update-TLS ===
{| class="wikitable"
!
! colspan="2" | TLS not configured
! colspan="5" | TLS configured
|-
!
! disabled !! auto, false
! disabled !! auto, false !! auto_no_plain !! rfc2817 !! rfc2818, true
|-
! colspan="8" | libshout
|-
! disabled
| Yes || Yes || Yes || Yes || No || No || No
|-
! auto
| Yes || Yes || Yes || Yes || Yes || Yes || Yes
|-
! auto_no_plain
| No || No || No || Yes || Yes || Yes || Yes
|-
! RFC2817
| No || No || No || Yes || Yes || Yes || No
|-
! RFC2818
| No || No || No || Yes || Yes || No || Yes
|}


[[Category:Icecast]]
[[Category:Icecast]]

Revision as of 04:07, 28 November 2016

This page lists known problems of latest released Icecast when operating with TLS enabled.

  • 'listenurl' in the internal XML status representation is not protocol aware and will always use 'http' + first listen-socket.
  • Virtual playlist files don't work
  • Authentication helper doesn't work (needs verification)
  • Certificate reload is not implemented in 2.4.x. Icecast2 2.4.x needs to be restarted to reload the certificate.

TLS Mode compatibility charts

The following list Icecast configuration settings (horizontal) versus client settings (vertical). Note: While auto mode may connect using TLS it will not establish a secure connection. auto_no_plain will ensure a secure connection.

Icecast2 2.4.x

0 1
libshout
disabled Yes No
auto Yes Yes
auto_no_plain No Yes
RFC2817 No No
RFC2818 No Yes

Icecast2 2.5.x

Note: for truth values the following keywords can be used in the configuration: 0, false, no, off, 1, true, yes, on

TLS not configured TLS configured
false false true
libshout
disabled Yes Yes No
auto Yes Yes Yes
auto_no_plain No Yes Yes
RFC2817 No Yes Yes
RFC2818 No No Yes

Icecast2 2.5.x branch ph3-update-TLS

TLS not configured TLS configured
disabled auto, false disabled auto, false auto_no_plain rfc2817 rfc2818, true
libshout
disabled Yes Yes Yes Yes No No No
auto Yes Yes Yes Yes Yes Yes Yes
auto_no_plain No No No Yes Yes Yes Yes
RFC2817 No No No Yes Yes Yes No
RFC2818 No No No Yes Yes No Yes