Subsonic Forum

How would I go about replacing the SSL cert that the 4.4.1beta ships with? I have a signed SSL cert for apache, but can this be cleanly shifted over to work with Subsonic?

perhaps a little off topic, but how do you actually enable SSL in the first place? It's not immediately apparently when I've browsed through the settings, and it doesn't seem to be mentioned in the wiki at all. It's been added only in the Beta I see, so perhaps documentation hasn't caught up with that release.

I would also like to get it working with the SSL cert I use for my apache.

reticent,

The HTTPS setting is in the shell script that starts up Subsonic: subsonic.sh

The 3rd and 4th lines in the main config section are the two to look for, the ones that go:

SUBSONIC_PORT=4040
SUBSONIC_HTTPS_PORT=0

A "0" = disabled. So to enable HTTPS, just change the SUBSONIC_PORT value to 0, and change the SUBSONIC_HTTPS_PORT to whatever you'd like, typically 443 or 8443.

All there is to it, just be sure that whatever port you choose (443, 8443, etc.) is opened up on both the server itself (ie, iptables) and your router (if desiring external access).

Hope this helps, and cheers,
Supra92

Read the question !!!! I don't want to enable ssl en Https !!!!
I want to change the ssl certificate... I want to know it's location on disk !

PLease help !!! what kind of certifate must i buy (apache, Java, Tomcat ???)

Settle down, he was answering my question, which I'd apologised for posting in this thread (given the original posters question was on a similar, but different note). The original question still stands, and hopefully will be addressed by someone.

kwekkerz wrote:Read the question ! I don't want to enable ssl en Https !
I want to change the ssl certificate... I want to know it's location on disk !

PLease help !!! what kind of certifate must i buy (apache, Java, Tomcat ???)

Sorry,

and where is the key-location on disk on ubuntu linux?

humvee wrote:and where is the key-location on disk on ubuntu linux?

Maybe in the same file as the windows version. Which is in the subsonic-booter-jar-with-dependencies.jar file.

I haven't had time to figure it out on Linux yet but here is the windows walk through.

http://forum.subsonic.org/forum/viewtopic.php?t=5295

The location of the *.tar file on ubuntu 10.10 = : /usr/share

I stop the service. copy the *.jar file to my windows desktop
open it en extract the subsonic.keystore

My keystore = *.jks. i renamed it to subsonic.keystore and add it to the *.jar file.
restart the service......

Service never came up again.
Set it to the original and restart.....subsonic is up and running...

what did i do wrong ?

yep,
when i replace the subsonic.keystroke
with my cert, verified by a trust center...
syntay of my ssl-cert:

-----BEGIN RSA PRIVATE KEY-----
thisismyprivatekeyitisabitlonger
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
thismycertificateandabitlongertoo
-----END CERTIFICATE-----

the server does not respond to any https request.
the original cert does not look like the syntax of my
key i want to implement.
how can i convert my cert to the one subsonic needs?

thanks

When Sindre built the .keystore he put a keystore password on it of subsonic. When you build your .keystore add the -storepass to the command line.


Look here for an example.

http://forum.subsonic.org/forum/viewtopic.php?t=5295

So I get the example, but is there any explanation to what most of that is?

If I generate a subsonic.keystore using keytool, I can sign it and not have to buy any SSL cert, right?

I've never dealt with SSL before, so I have no idea what I'm getting into.

@humvee

You have to export your SSL certificate to a Java keystore file. I did the following from a terminal:

Code: Select all

keytool -import -alias root -keystore mysubsonic.keystore -trustcacerts -file mysscertificate.crt

It will prompt for the password for your private key, etc. Then it will create mysubsonic.keystore in /Home/%username%.

It will then ask you if you want to trust the certificate. Answer yes. Now you can rename your mysubsonic.keystore file to subsonic.keystore and replace the subsonic.keystore file that is in the .JAR file you copied over to your desktop.

I did this however, was unable to get Subsonic working again, even after restoring my backed up .JAR file. I am going to purge subsonic and re-install and test again.

-hogfan

Well, I purge the install and re-installed the .deb file for 4.4 and verified Subsonic working again. This time I stopped the Subsonic service before copying the .JAR file over to my desktop but it didn't seem to make a difference. I also took note of the file permissions on /usr/share/subsonic and on the actual .JAR file and applied the same permissions back to each after copying my modified .JAR back to /user/share/subonic folder. Subsonic service still starts back up fine, but I'm not able to bring up the Subsonic webpage still. Has anybody got this working on a Linux install yet? I don't understand why this is not working when I exported my SSL certificate to a Java keystore file.

-hogfan