Ceci est une ancienne révision du document !
! … et bien voilà, je voulais documenter la sécurisation https de subsonic, je ne l'ai pas fait, et j'ai mis à jour… #crap
I found this topic while trying to implement my SSL certificate (purchased from comodo), and after some more research I found this solution (for Ubuntu 14.04, but should work for most other Linux releases).
To generate a .keystore certificate you need your .key .crt and ca.crt files (ca.crt is Intermediate CA Certificate, in my case COMODORSAAddTrustCA.crt)
You could also generate your own self-signed certificate (openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout server.key -out server.crt
)
Convert x509 Cert and Key to a pkcs12 (remember to set some_password), as [some-alias] I used subsonicopenssl pkcs12 -export -in server.crt -inkey server.key -out server.p12 -name [some-alias] -CAfile ca.crt -caname root
Convert the pkcs12 file to a java keystorekeytool -importkeystore -deststorepass [new_password] -destkeypass [new_password] -destkeystore server.keystore -srckeystore server.p12 -srcstoretype PKCS12 -srcstorepass [some_password] -alias [some-alias]
edit /ust/bin/subsonic file and add following lines (I added them after -Dsubsonic.httpsPort)Dsubsonic.ssl.keystore=/opt/apps/subsonic/server.keystore \'' Dsubsonic.ssl.password=[new_password] \''
enable ssl connection in /etc/default/subsonicSUBSONIC_ARGS="--port=9090 --https-port=9091 --max-memory=512"