How to Enable SSL for Azure Application Gateway For Scaling Azure Ant Media Solution

Published by Murat AYDIN on

Try Live Demo

While setting up a scaling Azure Ant Media Solution, SSL needs to be set up for Azure Application Gateway, which acts as a load balancer.

SSL is required for enabling mic and camera in browsers. Otherwise, WebRTC will not work. In this post, I will explain how to enable SSL for Azure Application Gateway. Application Gateway is used for load balancing in a clustering Azure solution. Please have a look at this document for enabling SSL for standalone servers.

We are going to use Let’s Encrypt for enabling SSL. Let’s Encrypt is a FREE, automated and open Certificate Authority brought to you by the non-profit Internet Security Research Group (ISRG) and supported by big corps such as Google, Facebook, Microsoft, and many others, to have a more secure and privacy-respecting Web.

Create Certificate

  1. Open a terminal.
  2. Install certbot 
    sudo apt-get install certbot
  3. Executed the following command by writng your email address and your domain. 
    sudo certbot certonly --email your_email_address -d your_domain --agree-tos --manual

Screen Shot 2019 12 12 at 01.11.40
  4. Follow the instructions and press Enter to continue.
  5. After successful operation, terminal output should something like belowScaling Azure Ant Media

Create PFX for Azure Application Gateway

We need a PFX file for Azure Application Gateway and we can create it using openssl by using
the files(cert.pem, chain.pem, fullchain.pem, privkey.pem) which are created under /etc/letsencrypt/live/{Your_Domain} in previous step.

Run the below command to have PFX file

sudo openssl pkcs12 -inkey ./privkey.pem -in ./cert.pem -export -out murat.antmedia.io.pfx

Now we have the PFX file.

Create Azure Application Gateway with Certificate for Scaling Azure Ant Media Solution

When creating the Azure Application Gateway, we will provide this certificate.

  • Upload certificate while creating rule (https_5443_edge) rule and provide a name and password for the certificate.

Upload certificate while creating https_5443_edge rule and provide a name for the certificate

  • While creating the listener for the https_443_origin rule, use the certificate which is previously uploaded.

Use the certificate previously uploaded for the listener which is created for the https_443_origin rule

After that, you can open your Ant Media Server instance with https://your_domain url. For the full guide that describes setting up a clustering solution in Azure, please have a look at this post.

 

If you have any questions, please drop a line to contact(at)antmedia.io .

References:

https://docs.microsoft.com/en-us/azure/application-gateway/end-to-end-ssl-portal

Categories: Tutorial
Tags:

Related Posts

restream circle with media push plugin
Tutorial

Re-streaming Conference with Media Push Plugin

In today’s interconnected digital landscape, extending your conference’s reach to a global audience is more important than ever. Re-streaming your conference across several social media channels can greatly increase your message’s reach, engagement, and impact. Read more…

Web Player
Tutorial

How to Easily Integrate Ant Media Web Player into Your Project for Excellent Playback

The Web Player, developed by Ant Media, is a powerful live stream player specially designed to simplify the playback of server-hosted live streams. It supports various streaming protocols such as WebRTC, HLS, CMAF Dash, and Read more…

Ant Media Server Cluster using GCP Deployment Manager
Tutorial

Ant Media Server Cluster Deployment Simplified with Jinja Templates on GCP

In this guide, we’ll explore how to leverage Jinja Templates and GCP Deployment Manager to simplify the deployment of Ant Media Server clusters on GCP. We’ll delve into the fundamentals of Jinja Templates and GCP Read more…

chatsimple
Warning: Undefined array key "promocode" in /home/mirror.antmedia.io/public_html/wp-content/themes/hestia-child/footer.php on line 70