Using default content protection

Origin Server applies the default certificates from the root configuration file to enable HDS and HLS content protection using default certificates on any stream.

Enable the ContentProtection tag in the config.xml file. The root configuration file (server.xml) is located in the httporigin/conf directory. Following is a sample root configuration file:

<Config>
    <ContentProtection>
        <FAXS4>
            <LicenseServerURL>http://primetime.aaxs.adobe.com </LicenseServerURL>
            <LicenseServerCertificate>creds/static/phds_license_server.der</LicenseServerCertificate>
            <LicenseServerCredential>creds/static/phds_license_server.pfx</LicenseServerCredential>
            <LicenseServerCredentialPassword>xxxxxxxxxxx</LicenseServerCredentialPassword>
            <PackagerCredential>creds/static/phds_production_packager.pfx</PackagerCredential>
            <PackagerCredentialPassword>xxxxxxxxxxx</PackagerCredentialPassword>
            <TransportCertificate>creds/static/phds_production_transport.der</TransportCertificate>
            <CommonKey>creds/common-key.bin</CommonKey>
            <PolicyFile>creds/static/phds_policy.pol</PolicyFile>
            <RecipientCertificates>creds/sd</RecipientCertificates>
        </FAXS4>
    </ContentProtection>
</Config>

Configuration	Details
ContentID	Content ID used to generate the CEK. It's an optional parameter. If value is not provided, stream ID is used for live case. For VOD, relative asset path is used.
KeyRotation	Specifies whether the key rotation feature is enabled. The values can be true or false. It's an optional parameter. Default value is false.
KeyRotationInterval	Time interval in seconds during which the same rotation key is used to encrypt content samples. It's an optional parameter. Default value is 900 seconds.
LicenseServerUrl	The license server's URL.
KeyServerURL	The key server's URL.
LicenseServerCertificate	Path of the file containing license server certificate.
RecipientCertificates	Path to the directory containing the shared domain certificates. It is an optional parameter. If RecipientCertificates path is not provided for EmbedLicense protection scheme in stream.xml/vod.xml, the path is taken from the root configuration.
LicenseServerCredential	Path of the . pfx file containing license server credential.
LicenseServerCredentialPassword	Password to encrypt license server credential.
PackagerCredential	Path of the . pfx file containing packager credential.
PackagerCredentialPassword	Password for protecting packager credential.
TransportCertificate	Path of the file containing transport certificate.
PolicyFile	Path of the file containing policy.
CommonKey	File containing common key of size at least 16-bytes. Common key is used together with content ID to derive CEK.
WhitelistFolder	Path of folder containing whitelist app information. This is only used with PHDS/PHLS. It's an optional parameter.