Using default content protection

Origin Server applies the default certificates from the root configuration file to enable HDS and HLS content protection using default certificates on any stream.

Enable the ContentProtection tag in the config.xml file. The root configuration file (server.xml) is located in the httporigin/conf directory. Following is a sample root configuration file:
<Config>
    <ContentProtection>
        <FAXS4>
            <LicenseServerURL>http://primetime.aaxs.adobe.com </LicenseServerURL>
            <LicenseServerCertificate>creds/static/phds_license_server.der</LicenseServerCertificate>
            <LicenseServerCredential>creds/static/phds_license_server.pfx</LicenseServerCredential>
            <LicenseServerCredentialPassword>xxxxxxxxxxx</LicenseServerCredentialPassword>
            <PackagerCredential>creds/static/phds_production_packager.pfx</PackagerCredential>
            <PackagerCredentialPassword>xxxxxxxxxxx</PackagerCredentialPassword>
            <TransportCertificate>creds/static/phds_production_transport.der</TransportCertificate>
            <CommonKey>creds/common-key.bin</CommonKey>
            <PolicyFile>creds/static/phds_policy.pol</PolicyFile>
            <RecipientCertificates>creds/sd</RecipientCertificates>
        </FAXS4>
    </ContentProtection>
</Config>
Configuration Details
ContentID Content ID used to generate the CEK. It's an optional parameter. If value is not provided, stream ID is used for live case. For VOD, relative asset path is used.
KeyRotation Specifies whether the key rotation feature is enabled. The values can be true or false. It's an optional parameter. Default value is false.
KeyRotationInterval Time interval in seconds during which the same rotation key is used to encrypt content samples. It's an optional parameter. Default value is 900 seconds.
LicenseServerUrl The license server's URL.
KeyServerURL The key server's URL.
LicenseServerCertificate Path of the file containing license server certificate.
RecipientCertificates Path to the directory containing the shared domain certificates. It is an optional parameter. If RecipientCertificates path is not provided for EmbedLicense protection scheme in stream.xml/vod.xml, the path is taken from the root configuration.
LicenseServerCredential Path of the . pfx file containing license server credential.
LicenseServerCredentialPassword Password to encrypt license server credential.
PackagerCredential Path of the . pfx file containing packager credential.
PackagerCredentialPassword Password for protecting packager credential.
TransportCertificate Path of the file containing transport certificate.
PolicyFile Path of the file containing policy.
CommonKey File containing common key of size at least 16-bytes. Common key is used together with content ID to derive CEK.
WhitelistFolder Path of folder containing whitelist app information. This is only used with PHDS/PHLS. It's an optional parameter.