0

i have a public server that serves both web content and mpeg dash. I need to serve mpeg-dash securely. However, since port 443 is already occupied by apache, I decided to use port 446.

However, there is one client that only accepts traffic over port 443. I Need to able to serve web content and media over port 443. I tried to do virtual hosting such that if they request a media route, Apache can redirect the request to Wowza media server as follows:

<VirtualHost *:443>

        ProxyPass "/vod"  "https://example.com:446/videos/"
        ProxyPassReverse "/vod"  "https://example.com:446/videos/"

this works, and the manifest file loads, however, inside the manifest.mpd file, it describes the available chunks, and where to send the next request, which is pointed at the original 446 port.

<Location>https://example.com:446/vod/mp4:sample.mp4/manifest_w996061371.mpd</Location>

this port 446 is blocked, so its not usable...

this leads me to trying to have apache and wowza bind to a different IP addresses instead of 0.0.0.0 on port 443.

I looked up IP Aliasing and I was able to create a virtual IP address. I let apache listen to the specific virtual IP address, and wowza to the other.

However, I am not able to access this from the outside world. Even if I was able to get this virtual IP address in the public subnet of the VPC, would I have to require a new firewall rule to allow this new IP address on port 443?

I think this problem might be unsolvable

tritium_3
  • 101
  • 1

1 Answers1

1

Put wowza on a subdomain such as media.example.com using port 443. It will have the same IP address but with SNI that every modern client supports it will work fine. If you have any really, really old clients then there's a chance you'll have to get another IP or find another solution.

Tim
  • 30,383
  • 6
  • 47
  • 77