Dear people,
please share your thoughts/advice on howto get to the following ‘architecture’ when using Libretime/Icecast as a radio application:
-
A secure icecast stream (on port 8000), for the listeners, on the internet.
-
A secure source icecast stream (on port 8001), for the deejay, accessible from ‘outside’, from the internet.
-
Another secure source icecast stream (on port 8002) : for another deejay, accessible from ‘outside’, from the internet.
Topic 1 : A secure icecast stream (port 8000) (more or less solved)
This can be achieved using the native icecast-ssl support and a certificate as documented in :
Question 1-1: When obtaining a certificate from ‘Let’s Encrypt’ for a certain domain, like ‘pimvlaar.net’, can it be used in a domain like, ‘wrfradio.org’?
Topic 2 : A secure source icecast stream (port 8001) (NOT SOLVED)
The deejays are creating their shows ‘outside’ the local network and they like to use the program MIXXX for creating their shows and stream it up to icecast/libretime.
Question 2-1: How do we secure the icecast source stream?
Question 2-2: Can we use the same certificate (as the certificate used for the listener-stream (8000)) to secure the source stream?
Question 2-3: Can we still use the program MIXXX for doing shows: does it have a ssl capable icecast-client?
Question 2-4: Or should the deejays use VPN to connect to the icecast/libretime soource stream?
Question 2-5: Or should the deejay do the upstreaming via a out-going proxy into a in-coming proxy which is in front of the source port of libretime/icecast?
Topic 3 : Another secure source icecast stream (port 8001) (NOT SOLVED)
Question 3-1: How do we secure another icecast source stream?
Question 3-2: Can we use the same certificate (as the certificate used for the listener-stream (8000)) to secure the source stream?
Question 3-3: Is Libretime capable of ‘blending’ the two source-streams in a way that a smooth transition from a show into another can be achieved?
Please, correct me if i am wrong, (i would like to learn) and provide suggestions and alternatives.
Kind regards,
Pim