Jump to content
  • Today's Birthdays

    No users celebrating today
  • Forum Statistics

    • Total Topics
      392
    • Total Posts
      408
  • Posts

    • To prevent man in the middle attacks

      Create a certificate for your stunnel..
      Stunnel uses SSL certificates to secure its connections, which you can easily create using the OpenSSL package: On Windows On windows, during stunnels install / start up,
      you will create a default certificate for your server which can be used to secure your server from man in the middle attacks...

      Your code will look like so, to use a secure certificate during your live streams. [fb-live] client = yes accept = 127.0.0.1:19350 connect = live-api-s.facebook.com:443 verifyChain = yes CAfile = ca-certs.pem checkHost = live-api-s.facebook.com OCSPaia = yes
      On Linux Stunnel uses SSL certificate to secure its connections, which you can easily create using the OpenSSL package:

      Create a self signed ssl certificate for stunnel openssl genrsa -out key.pem 2048 openssl req -new -x509 -key key.pem -out cert.pem -days 1095 cat key.pem cert.pem >> /etc/stunnel/stunnel.pem Change your config to: [fb-live] client = yes accept = 127.0.0.1:19350 connect = live-api-s.facebook.com:443 verifyChain = yes CAfile = /etc/stunnel/stunnel.pem checkHost = live-api-s.facebook.com OCSPaia = yes Restart Stunnel and
      That's all there is to it.
    • PLEASE NOTE:
      NGINX on windows has its limitations.
      If you receive and error: unknown directive " rtmp"
      Trying to start Nginx using a RTMP NGINX Streaming config,
      You will need a Paid / Subscription version of Nginx for windows.
      Which can be purchased and supported by the developer here.
      For the best experience, use nginx and the rtmp module on a linux distro as it is free & open source.
    • NGINX on Windows 
      For this setup, I’m using nginx 1.17.0.1 Crow (download here) on Windows 10.
      This version for windows contains the RTMP-Module (Read here to view Nginx modules installed)

      Installing Nginx on Windows
      Download the Nginx .zip file and it Extract to your computer. (use 7-zip to Extract)
      In this tutorial i will be extracting nginx to this location in my windows 10 pro pc C:/nginx Configuring Nginx To configure nginx, The default nginx configuration file is located in the conf folder.
        c:/nginx/conf You need to rename the nginx-win.conf file to nginx.conf

      Editing the Nginx.conf file for rtmp streaming
      You can edit the nginx.conf file using notepad++ or any text editor for windows.
      Add any configurations to the bottom of the nginx.conf file...

      Configuring Nginx for RTMP Streaming
      If you read the module list for windows nginx, the rtmp module has been precompiled into nginx for via subscription.
       (Read here to view Nginx free / subscription modules installed)
      For rtmp support, add the following to the bottom of your file & save. rtmp {     server {         listen 1935;         ping 30s;         notify_method get;         application live {             live on;                  #push to restream.io         push rtmp://live.restream.io/live/streamkey;         }     } }
      Starting Nginx
      To start nginx, you can start via command line or via GUI.
      To start via GUI, simply click the nginx.exe

      To start via command line, Open Windows PowerShell in Administrator mode. Here is an example on how to start Nginx for the drive C:/ root directory:  Run the tasklist command-line utility to see nginx processes: One of the processes is the master process and another is the worker process.
      If nginx does not start, look for the reason in the error log file logs\error.log.
      If the log file has not been created, the reason for this should be reported in the Windows Event Log.
      If an error page is displayed instead of the expected page, also look for the reason in the logs\error.log file. nginx/Windows uses the directory where it has been run as the prefix for relative paths in the configuration.
      In the example above, the prefix is C:\nginx\
      Paths in the nginx configuration file must be specified in UNIX-style using forward slashes: nginx/Windows runs as a standard console application (not a service), and it can be managed using the following commands: That's all there is to it.
      Enjoy streaming using Nginx with RTMP Support on your Windows PC's  
    • Arma 3 Contact, Update 1.94, Global Mobilization Update
      View the full article
    • Unfortunately, as of now, NGINX module nginx-rtmp-module doesn’t support RTMPS “out-of-the-box”.
      The nginx-rtmp-module also doesn't support pushing to an rtmps:// address...
      and i don't think the feature will be added in recent releases as it is simple to achieve this...

      A easy way to incorporate RTMPS into this module is by using stunnel, a popular “application used to provide a universal TLS/SSL tunneling service”.

      How to Secure rtmps push / rtmps stream to Facebook
      I'll assume you have some pre-installed version of Nginx installed with the RTMP-Module & ffmpeg (optional)

      Using NGINX on Windows 
      For this setup, I’m using nginx 1.17.0.1 Crow (download here) on Windows 10.
      The subscription version for windows contains the RTMP-Module (Read here to view free / commercial Nginx modules installed)
      Purchase your subscription here. Follow the instructions on How to install and configure Nginx on Windows (Here) NGINX AND THE RTMP STREAMING SERVER MODULE MUST BE CONFIGURED FOR WINDOWS STREAMING BEFORE USING STUNNEL Stunnel for Windows (download here)
      After you installed stunnel, you need to edit stunnel.conf which is located in  C:\\Users\YourUsername\AppData\Local\stunnel\config\stunnel.conf Note: You can also type in: ‘edit stunnel.conf’ in the search bar and it will open up Notepad for you!
      Now add the following lines to end of stunnel.conf.  [fb-live]
      client = yes
      accept = 127.0.0.1:19350
      connect = live-api-s.facebook.com:443
      verifyChain = no This creates a session that allows NGINX to send the stream via RTMP and stunnel will then send the stream to Facebook via RTMPS. ____________ ____________ ____________ ____________ | Streaming | | | | | | Facebook | | Source | ---> | NGINX | ---> | stunnel | ---> | Live | |____________| |____________| |____________| |____________| Now modify nginx.conf and replace the old Facebook push instruction (If you had it there before) with the following line:   push rtmp://127.0.0.1:19350/rtmp/<your_facebook_stream_key>; Save those two files and start stunnel via command-line or with the GUI application and then start nginx. 
      Test your live stream with OBS or ffmpeg. 

      That’s all there is to it!
      Linux (Ubuntu Server latest)
      Again Assuming you have Nginx and RTMP-Module, ffmpeg installed.
      If you haven't installed nginx compiled with the RTMP-Module on your ubuntu server system, (Click here for instruction)
      NGINX AND THE RTMP STREAMING SERVER MODULE MUST BE CONFIGURED FOR LINUX STREAMING BEFORE USING STUNNEL
      I'm installing stunnel on Ubuntu Server 18.04 - with root user. 
      You need to switch root user or use sudo for every commands listed below. Install stunnel apt install stunnel4   Here is a minimal configuration of stunnel Create the minimal configuration for stunnel
      Using vi or vim text editors. vi /etc/stunnel/stunnel.conf
        or vim /etc/stunnel/stunnel.conf Paste in the following and Save setuid = stunnel4
      setgid = stunnel4
      pid=/tmp/stunnel.pid
      output = /var/log/stunnel4/stunnel.log
      include = /etc/stunnel/conf.d Enable tunnel in /etc/default/stunnel4 vi /etc/default/stunnel4 or vim /etc/default/stunnel4 Paste ENABLE=1
        Save file

      Now create and add a tunnel for Facebook Live address vi /etc/stunnel/conf.d/fb.conf or vim /etc/stunnel/conf.d/fb.conf
      PASTE [fb-live]
      client = yes
      accept = 127.0.0.1:19350
      connect = live-api-s.facebook.com:443
      verifyChain = no Save file.

      Please Note: If you receive a error creating the above file,
      The conf.d directory might not created by default. 
      To create it the conf.d directory. mkdir /etc/stunnel/conf.d/ 
        or if not root user sudo mkdir /etc/stunnel/conf.d/
       
      Start Stunnel systemctl restart stunnel4 && systemctl status stunnel4
        or Service stunnel4 restart && service stunnel4 status Assuming FFMPEG is installed,
      We can run a ffmpeg command to test pushing a stream, target to local stunnel port :19350 ffmpeg -re -i rtmp://127.0.0.1/live/yourstreamkeyinobs -c:v libx264 -c:a aac -f flv rtmp://127.0.0.1:19350/rtmp/<facebook-live-stream-key>   If your stream goes live on Facebook, The Stunnel is Now ready to work!
      Now we just replace the URL to local stunnel port within nginx rtmp config.
        Change this line in your nginx config (Streaming to Facebook Un-Securely) push rtmp://live-api-s.facebook.com:80/rtmp/<facebook-live-stream-key>;
        to (Streaming to Facebook Securely) push rtmp://127.0.0.1:19350/rtmp/<facebook-live-stream-key>;
       All done!

      Again, From a high level,  Your Streaming Source (OBS/XSplit/Wirecast/etc) NGINX Stunnel Facebook Should now operate like this: ____________ ____________ ____________ ____________ | Streaming | | | | | | Facebook | | Source | ---> | NGINX | ---> | stunnel | ---> | Live | |____________| |____________| |____________| |____________| Hope this helps out on pushing your streams securely to rtmps servers.
×