How to Enable SSL for Azure Application Gateway For Scaling Azure Ant Media Solution

Published by Murat AYDIN on

Try Live Demo

While setting up a scaling Azure Ant Media Solution, SSL needs to be set up for Azure Application Gateway, which acts as a load balancer.

SSL is required for enabling mic and camera in browsers. Otherwise, WebRTC will not work. In this post, I will explain how to enable SSL for Azure Application Gateway. Application Gateway is used for load balancing in a clustering Azure solution. Please have a look at this document for enabling SSL for standalone servers.

We are going to use Let’s Encrypt for enabling SSL. Let’s Encrypt is a FREE, automated and open Certificate Authority brought to you by the non-profit Internet Security Research Group (ISRG) and supported by big corps such as Google, Facebook, Microsoft, and many others, to have a more secure and privacy-respecting Web.

Create Certificate

  1. Open a terminal.
  2. Install certbot 
    sudo apt-get install certbot
  3. Executed the following command by writng your email address and your domain. 
    sudo certbot certonly --email your_email_address -d your_domain --agree-tos --manual

Screen Shot 2019 12 12 at 01.11.40
  4. Follow the instructions and press Enter to continue.
  5. After successful operation, terminal output should something like belowScaling Azure Ant Media

Create PFX for Azure Application Gateway

We need a PFX file for Azure Application Gateway and we can create it using openssl by using
the files(cert.pem, chain.pem, fullchain.pem, privkey.pem) which are created under /etc/letsencrypt/live/{Your_Domain} in previous step.

Run the below command to have PFX file

sudo openssl pkcs12 -inkey ./privkey.pem -in ./cert.pem -export -out murat.antmedia.io.pfx

Now we have the PFX file.

Create Azure Application Gateway with Certificate for Scaling Azure Ant Media Solution

When creating the Azure Application Gateway, we will provide this certificate.

  • Upload certificate while creating rule (https_5443_edge) rule and provide a name and password for the certificate.

Upload certificate while creating https_5443_edge rule and provide a name for the certificate

  • While creating the listener for the https_443_origin rule, use the certificate which is previously uploaded.

Use the certificate previously uploaded for the listener which is created for the https_443_origin rule

After that, you can open your Ant Media Server instance with https://your_domain url. For the full guide that describes setting up a clustering solution in Azure, please have a look at this post.

 

If you have any questions, please drop a line to contact(at)antmedia.io .

References:

https://docs.microsoft.com/en-us/azure/application-gateway/end-to-end-ssl-portal

Categories: Tutorial
Tags:

Related Posts

Amazon CloudFront
Tutorial

Streaming Success: Mastering HLS Delivery with CloudFront & S3

Embarking to scale HLS delivery to a global audience demands more than technical prowess—it requires a strategic blend of innovation and reliability. Imagine millions of eager viewers awaiting seamless streaming experiences, powered by a robust Read more…

Live Streaming Cost Comparison
Tutorial

Choosing the Best Live Streaming Service for Your Budget – Dolby vs Agora vs NanoCosmos vs AWS IVS vs Ant Media Server

When it comes to selecting a media server solution for your live streaming needs, pricing is an important factor to consider. Finding a balance between functionality, quality, and affordability is crucial. In this blog post, Read more…

Untitled design 2
Tutorial

Azure Resource Manager Amplified: Ant Media Server Cluster Deployment on Azure Made Easy

Welcome to the future of streaming on Azure with Azure Resource Manager and Ant Media Server! In this guide, we’ll show you how to effortlessly deploy and scale your Ant Media Server cluster infrastructure on Read more…

chatsimple