Librarium
Settings

Setting Up SSL for Airsonic on Windows

i12bretro
learningtechnologyairsonicapache tomcatbrowser basedhow tohttpsi12bretromicrosoftpkiself-hostedsslstreamingsubsonictutorialweb basedwindows

#Airsonic #Stream #Windows #SSL

Full steps can be found at https://i12bretro.github.io/tutorials/0165.html

Prerequisites

Create Your SSL Certificate

  1. Launch XCA
  2. Open the PKI database if it is not already (File > Open DataBase), enter password
  3. Click on the Certificates tab, right click on your Intermediate CA certificate
  4. Select New
  5. On the Source tab, make sure Use this Certificate for signing is selected
  6. Verify your Intermediate CA certificate is selected from the drop down
  7. Click the Subject tab
  8. Complete the Distinguished Name section
internalName: Airsonic SSL
countryName: US
stateOrProvinceName: Virginia
localityName: Northern
organizationName: i12bretro
organizationUnitName: i12bretro Certificate Authority
commonName: airsonic.i12bretro.local
  1. Click the Generate a New Key button
  2. Enter a name and set the key size to at least 2048
  3. Click Create
  4. Click on the Extensions tab
  5. Select End Entity from the type list
  6. Click Edit next to Subject Alternative Name
  7. Add any DNS or IP addresses that the certificate will identify
  8. Update the validity dates to fit your needs
  9. Click the Key Usage tab
  10. Under Key Usage select Digital Signature, Key Encipherment
  11. Under Extended Key Usage select Web Server and Web Client Authentication
  12. Click the Netscape tab
  13. Select SSL Server
  14. Click OK to create the certificate

Exporting Required Files

  1. In XCA, click on the Certificates tab
  2. Right click the SSL certificate > Export > File
  3. Set the file name with a .crt extension and verify the export format is PKCS #12 (*.p12)
  4. Enter the password airsonic and confirm, Click OK
  5. Click OK

Applying the SSL Certificates to Airsonic

  1. Stop the Apache Tomcat service
  2. Navigate to the Apache Tomcat/conf directory in Explorer
  3. Edit the server.xml file in a text editor
  4. Comment out the existing connector and paste the following:
<Connector port="8000"
protocol="org.apache.coyote.http11.Http11AprProtocol"
maxThreads="150"
SSLEnabled="true"
SSLProtocol="TLS"
clientAuth="false"
secure="true"
scheme="https"
SSLCertificateFile="G:\xampp\~certificates\airsonic.i12bretro.local.crt"
SSLCertificateKeyFile="G:\xampp\~certificates\airsonic.i12bretro.local.key"
SSLCertificateChainFile="G:\xampp\~certificates\ca‐chain.pem"
keyAlias="airsonic.i12bretro.local"
sslEnabledProtocols="TLSv1.1+TLSv1.2+TLSv1.3">
<UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
</Connector>
  1. Go back to the Services dialog and start Apache Tomcat
  2. Open a web browser and navigate to https://DNSorIP:8000/airsonic
  3. Airsonic should now be running securely with https using the new certificate

### Connect with me and others ###
★ Discord: https://discord.com/invite/EzenvmSHW8
★ Reddit: https://reddit.com/r/i12bretro
★ Twitter: https://twitter.com/i12bretro
...
https://www.youtube.com/watch?v=3CFUGFfcEU0

2022-10-24
0.0 LBC
Copyrighted (contact publisher)

18151793 Bytes