Most browsers can't load resources via HTTP and WS (WebSocket) from HTTPS web pages secured with TLS. Therefore, if the player is on an HTTPS page, the player must request streaming through "https" and "wss" URLs secured with TLS. In this case, you must apply the TLS certificate to the OvenMediaEngine.
You can set the port for TLS in TLSPort
. Currently, LLHLS and WebRTC Signaling support TLS.
Add your certificate files to as follows:
To enable HTTP for HLS and WebRTC signaling servers, you must enable the TLS element and install the certificate file in PEM format. This involves indicating a server certificate through the CertPath
, as well as a private key file through the KeyPath
. These paths can be specified as either absolute or relative paths from the executable. However, if the server certificate was issued using an intermediate certificate, some browsers may raise concerns about the certificate's authenticity. To address this, a bundle of chained certificates provided by a Certificate Authority can be set in the ChainCertPath
.
Assuming the certificate settings are correctly configured, WebRTC streaming can then be played via the wss://url protocol, while LLHLS streaming can be accessed via https://url.
Starting from version OME v0.15.1, IPv6 is supported.
To use IPv6, you need to change the settings of the Server.xml
file as follows:
You can use /Server/IP
to support IPv6. In versions prior to v0.15.0, only one /Server/IP
setting could be specified, but in versions after v0.15.1, multiple settings can be specified. That is, if you add an /Server/IP
element for IPv6 to the existing configuration as follows, you can accept IPv6 requests from clients:
*
means 0.0.0.0
(INADDR_ANY
) in IPv4, and ::
means ::0
(in6addr_any
) in IPv6.
Of course, you can also specify a specific IP address of an interface instead of ::
.