Flussonic Media Server documentation

Let's Encrypt and Flussonic Media Server

Let's Encrypt service allows getting certificates for setting up HTTPS in automatic mode.

Flussonic Media Server has an in-built support of Let's Encrypt, therefore, installation of extra packs and manual adjustment of a web server are not necessary.

You only have to enter the admin panel and specify the port for HTTPS, then press the button "Let's Encrypt".

After that, Flussonic Media Server will do everything by itself – it will get the certificate and will update it.

You do not have to worry about certificate expiry or edit text config files.

HTTPS is necessary for:

  • prevention of server control theft, letting someone know your password or streaming links;
  • protecting video from security cameras;
  • paste a link on a site running on https (otherwise, browsers will complain of unprotected content).

Below is more detailed description of the process of setting and the operating principle of Let's Encrypt.

Let's Encrypt: how it works Anchor Anchor x2

Detailed description on the official site: https://letsencrypt.org/how-it-works/.

To make Let's Encrypt issue a valid certificate for you, it is necessary to prove that you own the domain. When you press Issue by Letsencrypt in the admin panel, Flussonic Media Server provides the domain name for which a certificate is required. In response, it obtains a key that should be given back when the checking bot will address the server through HTTP (exactly on port 80) at address http://your-domain.com/.well-known.

The checking bot addresses your domain, so the domain must be delegated, and DNS records set up for IP address where Flussonic Media Server is operating. The bot certifies the owner of the domain, and Flussonic Media Server saves the certificate.

To prolong the certificate, you should repeat the verification, i.e. Flussonic Media Server should always be listening on the port http 80;. Verification cannot be transferred to other port — these are the rules of Let's Encrypt. Prolongation occurs automatically when the certificate expires; also, the certificate can be updated manually through the admin panel of Flussonic Media Server.

Setting Anchor Anchor x2

  • Enter the admin panel of Flussonic Media Server using a domain name instead of IP address (e.g., http://your-domain.com/admin)
  • Enter the «Config» tab and and enter SSL-tunneled protocols as HTTPS ports, specify 443.

  • After that, the button "Issue by LetsEncrypt", which launches the process of getting a certificate, will appear on the panel.

  • Press the button and wait for the certificate expiry date to appear (it usually takes up to 10 seconds).

This is how the menu looks when the certificate was not issued:

After the certificate was issued:

Save the settings by pressing "Save". Flussonic Media Server will redirect your browser to https:// — now you can provide service over HTTPS.