SSL Certificate error when attempting a secure=true input stream.
I’ve just done a fresh install of libretime on a Debian 11 server. It’s working fine for playing files and streaming with stream.inputs.main.secure=false, but when I set that value to true, it is giving an error and not accepting the stream.
It seems to be a permissions issue with the libretime-liquidsoap or liquidsoap group not being able to read the SSL certificates. Any ideas?
To reproduce
Steps to reproduce the behavior.
- Set
stream.inputs.main.secure=truein config.yml. - Broadcast stream to the master stream, I’m using Butt for this.
Expected behavior
- LibreTime does not detect the stream.
- Inspecting /var/log.syslog or liquidsoap.log spews the following:
Feb 16 20:28:41 localhost libretime-liquidsoap[65500]: 2024/02/16 20:28:41 [harbor:2] Failed to accept new client: SSL: Certificate error: error:0200100D:system library:fopen:Permission denied
Feb 16 20:28:41 localhost libretime-liquidsoap[65500]: 2024/02/16 20:28:41 [harbor:2] Failed to accept new client: SSL: Certificate error: error:0200100D:system library:fopen:Permission denied
Feb 16 20:28:41 localhost libretime-liquidsoap[65500]: 2024/02/16 20:28:41 [harbor:2] Failed to accept new client: SSL: Certificate error: error:0200100D:system library:fopen:Permission denied
Feb 16 20:28:41 localhost libretime-liquidsoap[65500]: 2024/02/16 20:28:41 [harbor:2] Failed to accept new client: SSL: Certificate error: error:0200100D:system library:fopen:Permission denied
LibreTime version
LibreTime version: 4.0.0
Installation method and OS / Environment
Install script on Debian 11