Using Stunnel to add ssl to shoutcast (or any service that does not have ssl)

Posted at January 14, 2016 at 12:10 pm by John Quaglieri

Stunnel is a proxy designed to add TLS encryption functionality to existing clients and servers without any changes in the programs’ code.

First stunnel must be installed. Many OS’s have stunnel preinstalled: so try running stunnel first. If not install with your OS’s package management tool such as

centos: yum install stunnel
ubuntu: apt-get install stunnel

Once stunnel is installed you can begin. First a config file is needed. In this example shoutcast is installed already and running on port 8000. It is listening on localhost only. Create the file

/etc/stunnel/stunnel.conf


client=no
[shoutcast]
accept=8002
connect=localhost:8000
cert = /etc/stunnel/stunnel.pem

Now create the PEM file /etc/stunnel/stunnel.pem

The format is

rsa key first
certificate second
cabundle/intermediate third

Set permissions to 600
chmod 600 /etc/stunnel/stunnel.pem

Now stunnel can be started with the command /usr/bin/stunnel and we can connect to port 8002 over ssl.

0.00 avg. rating (0% score) - 0 votes

You can skip to the end and leave a response. Pinging is currently not allowed.

2 Responses to “Using Stunnel to add ssl to shoutcast (or any service that does not have ssl)”

  1. Mula78 says:

    There is any chance that you can help me to configure Stunnel for SHOUTcast in windows server 2012 r2?

Leave a Reply