Friday, June 11, 2021

server upgrade, certificates

We planned a streaming server upgrade. During the upgrade process, we would transfer the DNS to our web server, making it the temporary streaming server. 

According to one of the replies at

https://community.letsencrypt.org/t/how-to-set-up-lets-encrypt-https-after-moving-site-to-new-server/114776/2

the easiest way for temporary certificate transfer would be to just copy the certificates and icecast proxy server executable from our streaming server to our web server.

So,

1. copy the certificates and 2nd icecast server to the web server

2. check that the web server returns the correct certificate by locally setting /etc/hosts file DNS record of our stream url to the web server's IP address

3. on cloudflare, change the IP address from the streaming ip address to the web server's ip address for the stream url A record

After the upgrade is done, again do the steps 1, 2 and 3 for going from the web server to the streaming server. If everything goes well, the certificates and executable will remain on on the streaming server, and we will not need to copy them back. 

No comments:

Post a Comment