RTMPS: Support RTMPS for security transport. #3650
Replies: 5 comments
This comment has been minimized.
This comment has been minimized.
-
For a commercial version, it's better to use server brands like Wowza and AMS, and for convenience, security, and stability, it's better to use Alibaba Cloud and Tencent Cloud. |
Beta Was this translation helpful? Give feedback.
-
From an open-source perspective, whether RTMPS must be supported, I have thought about it for a while:
So I think the value of this issue may not be as great as everyone imagines. Some friends in the WeChat group also said that it is actually very quick to support RTMP by referring to SRS's HTTPS implementation. If any friends have supported it, please feel free to submit a patch, and I will consider opening a branch. Whether to merge it into the main branch, I need to think about it some more, please give me some time. |
Beta Was this translation helpful? Give feedback.
This comment has been minimized.
This comment has been minimized.
-
The method for NGINX to support RTMPS is to use a separate tunnel: Configure a pre-RTMPS to plaintext streaming service: stream {
upstream publish {
server 127.0.0.1:19361;
}
server {
listen 1936 ssl; # additional port for publishing
proxy_pass publish;
ssl_certificate /etc/letsencrypt/live/rtmp.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/rtmp.example.com/privkey.pem;
allow 192.0.2.1; # allow publish from this IP
allow 192.0.2.0/24; # -- also supports CIDR notation!
deny all; # deny publish from the rest
}
upstream live {
server 127.0.0.1:19351;
}
server {
listen 1935 ssl; # standard RTMP(S) port
proxy_pass live;
ssl_certificate /etc/letsencrypt/live/rtmp.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/rtmp.example.com/privkey.pem;
allow all; # this is public (this is also the default)
}
} Then it's the RTMP service behind: rtmp {
server {
listen 127.0.0.1:19361;
chunk_size 4096;
application secret-key {
live on;
record off;
allow publish 127.0.0.1; # publishing through rtmps://rtmp.example.com:1936
allow play 127.0.0.1; # for the pull from rtmp://localhost:19351/live
}
}
server {
listen 127.0.0.1:19351;
chunk_size 4096;
application live {
live on;
record off;
deny publish all; # no need to publish on /live -- IMPORTANT!!!
allow play 127.0.0.1; # playing through rtmps://rtmp.example.com:1935/live
pull rtmp://127.0.0.1:19361/secret-key;
}
}
} For more details, you can refer to this link It's quite complicated to use, and it's worth making it simpler. For example, in Cloud SRS, FFmpeg is used to directly forward: However, it needs to support key matching and cannot randomly select streams. Also, it needs to support forwarding of multiple streams, and currently, it can only support one stream. |
Beta Was this translation helpful? Give feedback.
-
Description
Platforms like Facebook abroad require encrypted transmission for security reasons, and they require support for the RTMPS protocol for streaming. It is hoped that SRS can also add this protocol.
Expected Behavior
It is hoped that SRS can add support for the RTMPS protocol to ensure the security of streaming.
TRANS_BY_GPT3
Beta Was this translation helpful? Give feedback.
All reactions