Using Stunnel to add ssl to shoutcast (or any service that does not have ssl)
Stunnel is a proxy designed to add TLS encryption functionality to existing clients and servers without any changes in the programs’ code.
First stunnel must be installed. Many OS’s have stunnel preinstalled: so try running stunnel first. If not install with your OS’s package management tool such as
centos: yum install stunnel
ubuntu: apt-get install stunnel
Once stunnel is installed you can begin. First a config file is needed. In this example shoutcast is installed already and running on port 8000. It is listening on localhost only. Create the file
cert = /etc/stunnel/stunnel.pem
Now create the PEM file /etc/stunnel/stunnel.pem
The format is
rsa key first
Set permissions to 600
chmod 600 /etc/stunnel/stunnel.pem
Now stunnel can be started with the command /usr/bin/stunnel and we can connect to port 8002 over ssl.