'SRS how enable HTTPS for HLS stream?

I use Ubuntu 16 server with apache and let's encrypt certificates. I have compiled SRS today directly from Git, so I have the latest version. I'm trying to enable HTTPS on all site, I have a player which load HSL stream passed by RTMP. How can I enable SSL? Now I receive the connection closed error. I've tried to move the path of HLS stream to one folder covered by certificate with no results.

This is the link for SRS: https://github.com/ossrs/srs

If someone needs more detail I can reply.

http-live-streamingsimple-realtime-server


Solution 1:[1]

If you use NGINX or CaddyServer, you could set HTTPS proxy for SRS, please read #2881, it works like this:

OBS --> SRS --HTTP--> NGINX --HTTPS--> Viewers

Note: It's a HTTPS reverse proxy, if you need a HLS cluster, please read this.

However, ossrs/srs has support for https but they don't enable it by default. So do this to enable https

  1. I install ossrs/srs by using docker, default config uses port 8088 for https so remember to expose that port for docker

     docker run -d -p 1935:1935 -p 1985:1985 -p 8080:8080 -p 8088:8088 \
     ossrs/srs:v4 ./objs/srs -c conf/srs.conf

  2. Change http_server part in config file '/usr/local/srs/conf/srs.conf'

    Change from

     http_server {
     enabled         on;
     listen          8080;
     dir             ./objs/nginx/html;
 }

    To

     http_server {
     enabled         on;
     listen          8080;
     dir             ./objs/nginx/html;
     https {
         # Whether enable HTTPS Streaming.
         # default: off
         enabled on;
         # The listen endpoint for HTTPS Streaming.
         # default: 8088
         listen 8088;
         # The SSL private key file, generated by:
         #       openssl genrsa -out server.key 2048
         # default: ./conf/server.key
         key ./conf/server.key;
         # The SSL public cert file, generated by:
         #       openssl req -new -x509 -key server.key -out server.crt -days 3650 -subj "/C=CN/ST=Beijing/L=Beijing/O=Me/OU=Me/CN=ossrs.net"
         # default: ./conf/server.crt
         cert ./conf/server.crt;
     }
 }

  3. Remember to upload your server.key and server.crt to conf folder (you can generated self signed certificate by comment guidelines above)

  4. Restart docker to complete

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Winlin

Related Questions