====== Configuring Ampache with SSL ====== Ampache works perfectly with SSL. All you need to do is configure your webserver correctly and you're off and running. There are however a few catches. - **Most players do not support playback of HTTPS streams** - By default Ampache has the config option //Force Http Playback// turned on. This means that Amapche will write all Playlist urls with http. As such you'll need to have /play/index.php accessible on the http port at the same path point as your SSL instance. * Example ampache.conf is shown below ################################################################ #/etc/apache2/conf.d/ampache.conf # # This configuration file redirects all inbound http requests to # the ssl port of your system, with the exception of the play # directory. Therefore, music will still stream over port 80. # # Apache Modules needed: rewrite, php5 # # make sure httpd.conf includes /etc/apache2/conf.d/*.conf # or place the script in the appropriate directory. # # You need to change absolute directories to ampache directory. # Optionally, you can set sess_cookiesecure = 1 # in config/ampache.cfg.php # # Tested on Apache 2.0.63 on SUSE 10.3, # Kai Gemba. Aug.20 2008, kgemba@csulb.edu ################################################################# # Exception for the play directory RewriteEngine on Options -Indexes +FollowSymLinks -ExecCGI RewriteCond %{SERVER_PORT} !^80$ RewriteRule index.php http://%{HTTP_HOST}/music/play/index.php [NC,R,L] # Force ampache to be ssl RewriteEngine on Options +Indexes +FollowSymLinks +ExecCGI AllowOverride None RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}/music/$1 [NC,R,L] # Extra Security for bin and config Order deny,allow Deny from all Order deny,allow Deny from all ===== Clients Supporting SSL Streaming ===== * [[http://winamp.com|Winamp]] //Windows// * [[http://www.videolan.org/vlc/|VlC]] //Windows,Linux,MacOS// * Note: If you are running a non-root CA, also: settings>preferences>advanced>gnutls>uncheck the first box