For cupertino live, we config live-edge repeater wowza media server with AES-128 internal method , If we only need to config AES module and on Edge Server? Can provide us the detail Application.xml sample on live-edge repeater situation.
Hi all,
I am trying to play the video on demand stream with AES 128 bit encryption (internal method) on the iPad.
I replay the stream many times in a short time.
when i run the stream, sometime it work normal, sometime i get the message “You are not authorized to open the file” in the ipad.
I check the logs, it is always getting to onHTTPCupertinoEncryptionKeyCreateVOD method.
But sometimes it wouldn’t show any traces of getting into the onHTTPCupertinoEncryptionKeyRequest method.
When i get the message “You are not authorized to open the file” ,the log as below:
2011-01-05 18:05:54 CST comment server INFO 200 - ModuleEncryptionHandlerCupertinoStreaming.onHTTPCupertinoEncryptionKeyCreateVOD[vod_token/_definst_/sample.mp4]: *2eae - - - 339.053 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:05:54 CST comment server INFO 200 - HTTPStreamerCupertinoIndexFile.init[vod_token/_definst_/sample.mp4]: Encrypt Cupertino stream: key: *2eae - - - 339.334 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:05:54 CST comment server INFO 200 - HTTPStreamerCupertinoIndexFile.init[vod_token/_definst_/sample.mp4]: Encrypt Cupertino stream: url: [url]http://61.219.1.119:80/vod_token/_definst_/mp4:sample.mp4/key.m3u8key[/url] - - - 339.614 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:05:58 CST comment server INFO 200 - EricTest:onStreamDestroy;sequence=40 - - - 387.007 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:05:58 CST comment server INFO 200 - removeClientListener: 6 - - - 387.272 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:05:58 CST destroy stream INFO 200 sample.mp4 - _defaultVHost_ vod_token _definst_ 37.472 61.219.1.119 80 [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8?token=1294221759123391441979[/url] 111.82.192.196 http (cupertino) - Mozilla/5.0 (iPad; U; CPU OS 4_2_1 like Mac OS X; zh-tw) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8C148 Safari/6533.18.5 1963309244 0 0 6 0 0 0 sample.mp4 token=1294221759123391441979 - - - - [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8?token=1294221759123391441979[/url] [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8[/url] token=1294221759123391441979 [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8[/url] token=1294221759123391441979
2011-01-05 18:05:59 CST disconnect cupertino INFO 200 1963309244 - _defaultVHost_ vod_token _definst_ 387.803 61.219.1.119 80 [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8?token=1294221759123391441979[/url] 111.82.192.196 http (cupertino) - Mozilla/5.0 (iPad; U; CPU OS 4_2_1 like Mac OS X; zh-tw) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8C148 Safari/6533.18.5 1963309244 0 0 - 0 - - sample.mp4 token=1294221759123391441979 - - - - [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8?token=1294221759123391441979[/url] [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8[/url] token=1294221759123391441979 [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8[/url] token=1294221759123391441979
2011-01-05 18:05:59 CST comment server INFO 200 - EricTest:onHTTPSessionDestroy;sequence=41 - - - 388.099 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:06:02 CST comment server INFO 200 - HTTPStreamerCupertinoIndexFile.init[vod_token/_definst_/sample.mp4]: Encrypt Cupertino stream: key: *59a4 - - - 347.477 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:06:02 CST comment server INFO 200 - HTTPStreamerCupertinoIndexFile.init[vod_token/_definst_/sample.mp4]: Encrypt Cupertino stream: url: [url]http://61.219.1.119:80/vod_token/_definst_/mp4:sample.mp4/key.m3u8key[/url] - - - 347.789 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:06:03 CST connect cupertino INFO 200 907388731 - _defaultVHost_ vod_token _definst_ 348.709 61.219.1.119 80 [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8?token=1294221946980256387625[/url] 111.82.192.196 http (cupertino) - AppleCoreMedia/1.0.0.8C148 (iPad; U; CPU OS 4_2_1 like Mac OS X; zh_tw) 907388731 0 0 - 0 - - sample.mp4 token=1294221946980256387625 - - - - [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8?token=1294221946980256387625[/url] [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8[/url] token=1294221946980256387625 [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8[/url] token=1294221946980256387625
2011-01-05 18:06:04 CST comment server INFO 200 - EricTest:onStreamCreate;sequence=42 - - - 349.021 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:06:04 CST create stream INFO 200 sample.mp4 - _defaultVHost_ vod_token _definst_ 0.312 61.219.1.119 80 [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8?token=1294221946980256387625[/url] 111.82.192.196 http (cupertino) - AppleCoreMedia/1.0.0.8C148 (iPad; U; CPU OS 4_2_1 like Mac OS X; zh_tw) 907388731 0 0 8 0 0 0 sample.mp4 token=1294221946980256387625 - - - - [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8?token=1294221946980256387625[/url] [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8[/url] token=1294221946980256387625 [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8[/url] token=1294221946980256387625
2011-01-05 18:06:04 CST comment server INFO 200 - EricTest:onHTTPSessionCreate;sequence=43 - - - 349.645 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:06:05 CST comment server INFO 200 - EricTest:onHTTPCupertinoStreamingSessionCreate;sequence=44 - - - 349.942 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:06:05 CST comment server INFO 200 - ipAddress:111.82.192.196 - - - 350.254 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:06:05 CST comment server INFO 200 - uri:vod_token/mp4:sample.mp4/playlist.m3u8 - - - 350.55 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:06:05 CST comment server INFO 200 - queryStr:token=1294221946980256387625 - - - 350.846 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:06:06 CST comment server INFO 200 - referrer:null - - - 351.158 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:06:06 CST comment server INFO 200 - cookieStr:null - - - 351.47 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:06:06 CST comment server INFO 200 - userAgent:AppleCoreMedia/1.0.0.8C148 (iPad; U; CPU OS 4_2_1 like Mac OS X; zh_tw) - - - 351.782 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:06:07 CST comment server INFO 200 - streamName:sample.mp4 - - - 352.094 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:06:17 CST comment server INFO 200 - HTTPStreamerCupertinoIndexFile.init[vod_token/_definst_/sample.mp4]: Encrypt Cupertino stream: key: *59a4 - - - 362.203 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:06:17 CST comment server INFO 200 - HTTPStreamerCupertinoIndexFile.init[vod_token/_definst_/sample.mp4]: Encrypt Cupertino stream: url: [url]http://61.219.1.119:80/vod_token/_definst_/mp4:sample.mp4/key.m3u8key[/url] - - - 362.531 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:06:18 CST comment server INFO 200 - HTTPStreamerCupertinoIndexFile.init[vod_token/_definst_/sample.mp4]: Encrypt Cupertino stream: key: *59a4 - - - 363.607 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:06:19 CST comment server INFO 200 - HTTPStreamerCupertinoIndexFile.init[vod_token/_definst_/sample.mp4]: Encrypt Cupertino stream: url: [url]http://61.219.1.119:80/vod_token/_definst_/mp4:sample.mp4/key.m3u8key[/url] - - - 363.919 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:06:20 CST comment server INFO 200 - EricTest:onStreamDestroy;sequence=45 - - - 409.222 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:06:20 CST comment server INFO 200 - removeClientListener: 7 - - - 409.518 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:06:21 CST destroy stream INFO 200 sample.mp4 - _defaultVHost_ vod_token _definst_ 31.762 61.219.1.119 80 [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8?token=1294221946980256387625[/url] 111.82.192.196 http (cupertino) - Mozilla/5.0 (iPad; U; CPU OS 4_2_1 like Mac OS X; zh-tw) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8C148 Safari/6533.18.5 1874221778 0 342 7 0 0 0 sample.mp4 token=1294221946980256387625 sample.mp4 mp4 39115156 596.458 [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8?token=1294221946980256387625[/url] [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8[/url] token=1294221946980256387625 [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8[/url] token=1294221946980256387625
2011-01-05 18:06:21 CST disconnect cupertino INFO 200 1874221778 - _defaultVHost_ vod_token _definst_ 410.111 61.219.1.119 80 [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8?token=1294221946980256387625[/url] 111.82.192.196 http (cupertino) - Mozilla/5.0 (iPad; U; CPU OS 4_2_1 like Mac OS X; zh-tw) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8C148 Safari/6533.18.5 1874221778 0 342 - 0 - - sample.mp4 token=1294221946980256387625 sample.mp4 mp4 39115156 596.458 [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8?token=1294221946980256387625[/url] [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8[/url] token=1294221946980256387625 [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8[/url] token=1294221946980256387625
2011-01-05 18:06:21 CST comment server INFO 200 - EricTest:onHTTPSessionDestroy;sequence=46 - - - 410.439 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:06:41 CST comment server INFO 200 - EricTest:onStreamDestroy;sequence=47 - - - 430.5 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:06:42 CST comment server INFO 200 - removeClientListener: 8 - - - 430.843 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:06:42 CST destroy stream INFO 200 sample.mp4 - _defaultVHost_ vod_token _definst_ 38.47 61.219.1.119 80 [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8?token=1294221946980256387625[/url] 111.82.192.196 http (cupertino) - AppleCoreMedia/1.0.0.8C148 (iPad; U; CPU OS 4_2_1 like Mac OS X; zh_tw) 907388731 0 0 8 0 0 0 sample.mp4 token=1294221946980256387625 - - - - [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8?token=1294221946980256387625[/url] [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8[/url] token=1294221946980256387625 [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8[/url] token=1294221946980256387625
2011-01-05 18:06:42 CST disconnect cupertino INFO 200 907388731 - _defaultVHost_ vod_token _definst_ 431.514 61.219.1.119 80 [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8?token=1294221946980256387625[/url] 111.82.192.196 http (cupertino) - AppleCoreMedia/1.0.0.8C148 (iPad; U; CPU OS 4_2_1 like Mac OS X; zh_tw) 907388731 0 0 - 0 - - sample.mp4 token=1294221946980256387625 - - - - [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8?token=1294221946980256387625[/url] [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8[/url] token=1294221946980256387625 [url]http://61.219.1.119:80/vod_token/mp4:sample.mp4/playlist.m3u8[/url] token=1294221946980256387625
2011-01-05 18:06:43 CST comment server INFO 200 - EricTest:onHTTPSessionDestroy;sequence=48 - - - 431.857 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:07:42 CST app-stop application INFO 200 _definst_ vod_token/_definst_ - - - 490.701 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:07:42 CST comment server INFO 200 - EricTest:onAppStop;sequence=49 - - - 491.029 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:17:22 CST vhost-stop vhost INFO 200 _defaultVHost_ - - - - 1070.931 - - - - - - - - - - - - - - - - - - - - - - - - -
2011-01-05 18:17:22 CST server-stop server INFO 200 - - - - - 1071.29 - - - - - - - - - - - - - - - - - - - - - - - - -
Please let me know what the problem is. Is bug?
Eric
Dear Richard:
Thanks for your reply.
We frequent replay in short time, because we want to know that
-
Wowza no stress test tools on iOS, so we want to know when many people connect to the wowza server in a short time,does the service work normal?
-
When user interrupt the stream because bandwith not enough or network suddenly crash in a wink. After the network work normal in a very short time,Can the service continute normal?
So the overlap and confusion regarding encryption key is not normal?
Will this problem will be solved by wowza team in short-time future?
Waiting your reply, thank you.
Eric
I know that this test is not reality, the same user couldn’t replay 30 times at a short time. But this service is used for a lot of iOS users.
So if one user replay two times because bandwidth not enough or network suddenly crash in a wink, only 15 users can breaking the wowza. And it could not return to the begins unless restart wowza.
Our Service is for thousands of iOS user every day.
so this situation can be happen at every day.
I don’t understand that if one user do replay can breaking the wowza server, how can i believe it could work normal in reality(if many people use this service). At first stage our service is only for iOS devices, so we can’t use the rtmp load stress tool. Because it not cupertino, on rtsp and rtmp this situation can work normal, but it not work on cupertino.
so what can i do to avoid wowza breaking?
thanks.
Eric
Hi all,
We are trying to build the internal AES-128 method on live-edge Wowza Server for iOS.
(1) We config AES-128 setting at edge server, the origin server no AES-128 setting.
From edge server log, we found the onHTTPCupertinoEncryptionKeyCreateLive method log, but we don’t find the onHTTPCupertinoEncryptionKeyRequest method log.
Then we change the cupertinoEncryptionBaseURL property to inexistent IP, it can work, why?
Application_origin
<Root>
<Application>
<!-- Uncomment to set application level timeout values
<ApplicationTimeout>60000</ApplicationTimeout>
<PingTimeout>12000</PingTimeout>
<ValidationFrequency>8000</ValidationFrequency>
<MaximumPendingWriteBytes>0</MaximumPendingWriteBytes>
<MaximumSetBufferTime>60000</MaximumSetBufferTime>
<MaximumStorageDirDepth>25</MaximumStorageDirDepth>
-->
<Connections>
<AutoAccept>true</AutoAccept>
<AllowDomains></AllowDomains>
</Connections>
<!--
StorageDir path variables
${com.wowza.wms.AppHome} - Application home directory
${com.wowza.wms.ConfigHome} - Configuration home directory
${com.wowza.wms.context.VHost} - Virtual host name
${com.wowza.wms.context.VHostConfigHome} - Virtual host config directory
${com.wowza.wms.context.Application} - Application name
${com.wowza.wms.context.ApplicationInstance} - Application instance name
-->
<Streams>
<StreamType>liverepeater-origin</StreamType>
<StorageDir>${com.wowza.wms.context.VHostConfigHome}/content</StorageDir>
<KeyDir>${com.wowza.wms.context.VHostConfigHome}/keys</KeyDir>
<!-- LiveStreamPacketizers (separate with commas): cupertinostreamingpacketizer, smoothstreamingpacketizer, sanjosestreamingpacketizer, cupertinostreamingrepeater, smoothstreamingrepeater, sanjosestreamingrepeater -->
<LiveStreamPacketizers>cupertinostreamingpacketizer, smoothstreamingpacketizer, sanjosestreamingpacketizer</LiveStreamPacketizers>
<!-- Properties defined here will override any properties defined in conf/Streams.xml for any streams types loaded by this application -->
<Properties>
<Property>
<Name>sortPackets</Name>
<Value>true</Value>
<Type>Boolean</Type>
</Property>
<Property>
<Name>sortBufferSize</Name>
<Value>750</Value>
<Type>Integer</Type>
</Property>
</Properties>
</Streams>
<!-- HTTPStreamers (separate with commas): cupertinostreaming, smoothstreaming, sanjosestreaming -->
<HTTPStreamers>cupertinostreaming,smoothstreaming,sanjosestreaming</HTTPStreamers>
<SharedObjects>
<StorageDir></StorageDir>
</SharedObjects>
<Client>
<IdleFrequency>-1</IdleFrequency>
<Access>
<StreamReadAccess>*</StreamReadAccess>
<StreamWriteAccess>*</StreamWriteAccess>
<StreamAudioSampleAccess></StreamAudioSampleAccess>
<StreamVideoSampleAccess></StreamVideoSampleAccess>
<SharedObjectReadAccess>*</SharedObjectReadAccess>
<SharedObjectWriteAccess>*</SharedObjectWriteAccess>
</Access>
</Client>
<RTP>
<!-- RTP/Authentication/[type]Methods defined in Authentication.xml. Default setup includes; none, basic, digest -->
<Authentication>
<PublishMethod>none</PublishMethod>
<PlayMethod>none</PlayMethod>
</Authentication>
<!-- RTP/AVSyncMethod. Valid values are: senderreport, systemclock, rtptimecode -->
<AVSyncMethod>senderreport</AVSyncMethod>
<MaxRTCPWaitTime>12000</MaxRTCPWaitTime>
<IdleFrequency>75</IdleFrequency>
<RTSPSessionTimeout>90000</RTSPSessionTimeout>
<RTSPMaximumPendingWriteBytes>0</RTSPMaximumPendingWriteBytes>
<RTSPBindIpAddress></RTSPBindIpAddress>
<RTSPConnectionIpAddress>0.0.0.0</RTSPConnectionIpAddress>
<RTSPOriginIpAddress>127.0.0.1</RTSPOriginIpAddress>
<IncomingDatagramPortRanges>*</IncomingDatagramPortRanges>
<!-- Properties defined here will override any properties defined in conf/RTP.xml for any depacketizers loaded by this application -->
<Properties>
</Properties>
</RTP>
<MediaCaster>
<!-- Properties defined here will override any properties defined in conf/MediaCasters.xml for any MediaCasters loaded by this applications -->
<Properties>
</Properties>
</MediaCaster>
<MediaReader>
<!-- Properties defined here will override any properties defined in conf/MediaReaders.xml for any MediaReaders loaded by this applications -->
<Properties>
</Properties>
</MediaReader>
<MediaWriter>
<!-- Properties defined here will override any properties defined in conf/MediaWriter.xml for any MediaWriter loaded by this applications -->
<Properties>
</Properties>
</MediaWriter>
<LiveStreamPacketizer>
<!-- Properties defined here will override any properties defined in conf/LiveStreamPacketizers.xml for any LiveStreamPacketizers loaded by this applications -->
<Properties>
<!-- Added by Drabek Begin -->
<Property>
<Name>cupertinoChunkDurationTarget</Name>
<Value>10000</Value>
<Type>Integer</Type>
</Property>
<Property>
<Name>cupertinoMaxChunkCount</Name>
<Value>10</Value>
<Type>Integer</Type>
</Property>
<Property>
<Name>cupertinoPlaylistChunkCount</Name>
<Value>3</Value>
<Type>Integer</Type>
</Property>
<Property>
<Name>cupertinoRepeaterChunkCount</Name>
<Value>3</Value>
<Type>Integer</Type>
</Property>
<!-- Added by Drabek End -->
</Properties>
</LiveStreamPacketizer>
<HTTPStreamer>
<!-- Properties defined here will override any properties defined in conf/HTTPStreamers.xml for any HTTPStreamer loaded by this applications -->
<Properties>
</Properties>
</HTTPStreamer>
<Repeater>
<OriginURL></OriginURL>
<QueryString><![CDATA[]]></QueryString>
</Repeater>
<Modules>
<Module>
<Name>base</Name>
<Description>Base</Description>
<Class>com.wowza.wms.module.ModuleCore</Class>
</Module>
<Module>
<Name>properties</Name>
<Description>Properties</Description>
<Class>com.wowza.wms.module.ModuleProperties</Class>
</Module>
<Module>
<Name>logging</Name>
<Description>Client Logging</Description>
<Class>com.wowza.wms.module.ModuleClientLogging</Class>
</Module>
<Module>
<Name>flvplayback</Name>
<Description>FLVPlayback</Description>
<Class>com.wowza.wms.module.ModuleFLVPlayback</Class>
</Module>
<Module>
<Name>AccessControlModule</Name>
<Description>The Module for Access Control</Description>
<Class>com.chtd.media.wowza.AccessControlModule</Class>
</Module>
</Modules>
<!-- Properties defined here will be added to the IApplication.getProperties() and IApplicationInstance.getProperties() collections -->
<Properties>
<Property>
<Name>smoothStreamingMediaMajorVersion</Name>
<Value>2</Value>
<Type>Integer</Type>
</Property>
</Properties>
</Application>
</Root>
Application_edge
<Root>
<Application>
<!-- Uncomment to set application level timeout values
<ApplicationTimeout>60000</ApplicationTimeout>
<PingTimeout>12000</PingTimeout>
<ValidationFrequency>8000</ValidationFrequency>
<MaximumPendingWriteBytes>0</MaximumPendingWriteBytes>
<MaximumSetBufferTime>60000</MaximumSetBufferTime>
<MaximumStorageDirDepth>25</MaximumStorageDirDepth>
-->
<Connections>
<AutoAccept>true</AutoAccept>
<AllowDomains></AllowDomains>
</Connections>
<!--
StorageDir path variables
${com.wowza.wms.AppHome} - Application home directory
${com.wowza.wms.ConfigHome} - Configuration home directory
${com.wowza.wms.context.VHost} - Virtual host name
${com.wowza.wms.context.VHostConfigHome} - Virtual host config directory
${com.wowza.wms.context.Application} - Application name
${com.wowza.wms.context.ApplicationInstance} - Application instance name
-->
<Streams>
<StreamType>liverepeater-edge</StreamType>
<StorageDir>${com.wowza.wms.context.VHostConfigHome}/content</StorageDir>
<KeyDir>${com.wowza.wms.context.VHostConfigHome}/keys</KeyDir>
<!-- LiveStreamPacketizers (separate with commas): cupertinostreamingpacketizer, smoothstreamingpacketizer, sanjosestreamingpacketizer, cupertinostreamingrepeater, smoothstreamingrepeater, sanjosestreamingrepeater -->
<LiveStreamPacketizers>cupertinostreamingrepeater, smoothstreamingrepeater, sanjosestreamingrepeater</LiveStreamPacketizers>
<!-- Properties defined here will override any properties defined in conf/Streams.xml for any streams types loaded by this application -->
<Properties>
<Property>
<Name>sortPackets</Name>
<Value>true</Value>
<Type>Boolean</Type>
</Property>
<Property>
<Name>sortBufferSize</Name>
<Value>750</Value>
<Type>Integer</Type>
</Property>
</Properties>
</Streams>
<!-- HTTPStreamers (separate with commas): cupertinostreaming, smoothstreaming -->
<HTTPStreamers>cupertinostreaming,smoothstreaming,sanjosestreaming</HTTPStreamers>
<SharedObjects>
<StorageDir></StorageDir>
</SharedObjects>
<Client>
<IdleFrequency>-1</IdleFrequency>
<Access>
<StreamReadAccess>*</StreamReadAccess>
<StreamWriteAccess>*</StreamWriteAccess>
<StreamAudioSampleAccess></StreamAudioSampleAccess>
<StreamVideoSampleAccess></StreamVideoSampleAccess>
<SharedObjectReadAccess>*</SharedObjectReadAccess>
<SharedObjectWriteAccess>*</SharedObjectWriteAccess>
</Access>
</Client>
<RTP>
<!-- RTP/Authentication/[type]Methods defined in Authentication.xml. Default setup includes; none, basic, digest -->
<Authentication>
<PublishMethod>none</PublishMethod>
<PlayMethod>none</PlayMethod>
</Authentication>
<!-- RTP/AVSyncMethod. Valid values are: senderreport, systemclock, rtptimecode -->
<AVSyncMethod>senderreport</AVSyncMethod>
<MaxRTCPWaitTime>12000</MaxRTCPWaitTime>
<IdleFrequency>75</IdleFrequency>
<RTSPSessionTimeout>90000</RTSPSessionTimeout>
<RTSPMaximumPendingWriteBytes>0</RTSPMaximumPendingWriteBytes>
<RTSPBindIpAddress></RTSPBindIpAddress>
<RTSPConnectionIpAddress>0.0.0.0</RTSPConnectionIpAddress>
<RTSPOriginIpAddress>127.0.0.1</RTSPOriginIpAddress>
<IncomingDatagramPortRanges>*</IncomingDatagramPortRanges>
<!-- Properties defined here will override any properties defined in conf/RTP.xml for any depacketizers loaded by this application -->
<Properties>
</Properties>
</RTP>
<MediaCaster>
<!-- Properties defined here will override any properties defined in conf/MediaCasters.xml for any MediaCasters loaded by this applications -->
<Properties>
<Property>
<Name>streamTimeout</Name>
<Value>15000</Value>
<Type>Integer</Type>
</Property>
</Properties>
</MediaCaster>
<MediaReader>
<!-- Properties defined here will override any properties defined in conf/MediaReaders.xml for any MediaReaders loaded by this applications -->
<Properties>
</Properties>
</MediaReader>
<MediaWriter>
<!-- Properties defined here will override any properties defined in conf/MediaWriter.xml for any MediaWriter loaded by this applications -->
<Properties>
</Properties>
</MediaWriter>
<LiveStreamPacketizer>
<!-- Properties defined here will override any properties defined in conf/LiveStreamPacketizers.xml for any LiveStreamPacketizers loaded by this applications -->
<Properties>
<!-- Added by Drabek Begin -->
<Property>
<Name>cupertinoChunkDurationTarget</Name>
<Value>10000</Value>
<Type>Integer</Type>
</Property>
<Property>
<Name>cupertinoMaxChunkCount</Name>
<Value>10</Value>
<Type>Integer</Type>
</Property>
<Property>
<Name>cupertinoPlaylistChunkCount</Name>
<Value>3</Value>
<Type>Integer</Type>
</Property>
<Property>
<Name>cupertinoRepeaterChunkCount</Name>
<Value>3</Value>
<Type>Integer</Type>
</Property>
<!-- Added by Drabek End -->
</Properties>
</LiveStreamPacketizer>
<HTTPStreamer>
<!-- Properties defined here will override any properties defined in conf/HTTPStreamers.xml for any HTTPStreamer loaded by this applications -->
<Properties>
</Properties>
</HTTPStreamer>
<Repeater>
<OriginURL>rtmp://172.16.41.53:80/live_token</OriginURL>
<QueryString><![CDATA[]]></QueryString>
</Repeater>
<Modules>
<Module>
<Name>base</Name>
<Description>Base</Description>
<Class>com.wowza.wms.module.ModuleCore</Class>
</Module>
<Module>
<Name>properties</Name>
<Description>Properties</Description>
<Class>com.wowza.wms.module.ModuleProperties</Class>
</Module>
<Module>
<Name>logging</Name>
<Description>Client Logging</Description>
<Class>com.wowza.wms.module.ModuleClientLogging</Class>
</Module>
<Module>
<Name>flvplayback</Name>
<Description>FLVPlayback</Description>
<Class>com.wowza.wms.module.ModuleFLVPlayback</Class>
</Module>
<Module>
<Name>AccessControlModule</Name>
<Description>The Module for Access Control</Description>
<Class>com.chtd.media.wowza.AccessControlModule</Class>
</Module>
<Module>
<Name>ModuleRequireSecureConnection</Name>
<Description>ModuleRequireSecureConnection</Description>
<Class>com.wowza.wms.plugin.security.ModuleRequireSecureConnection</Class>
</Module>
<Module>
<Name>Hotlink Denial</Name>
<Description>Hotlink Denial Module</Description>
<Class>com.wowza.wms.plugin.collection.module.ModuleHotlinkDenial</Class>
</Module>
</Modules>
<!-- Properties defined here will be added to the IApplication.getProperties() and IApplicationInstance.getProperties() collections -->
<Properties>
<Property>
<Name>smoothStreamingMediaMajorVersion</Name>
<Value>2</Value>
<Type>Integer</Type>
</Property>
<Property>
<Name>cupertinoEncryptionBaseURL</Name>
<Value>http://61.222.123.65:80</Value>
</Property>
<Property>
<Name>cupertinoEncryptionSharedSecret</Name>
<Value>enckeysharedsecret</Value>
</Property>
<Property>
<Name>cupertinoEncryptionLiveRepeaterSharedSecret</Name>
<Value>mysharedsecret</Value>
</Property>
</Properties>
</Application>
</Root>
(2) We config AES-128 setting at origin server, and set cupertinoEncryptionBaseURL property to one edge server.
It work,and we can find the onHTTPCupertinoEncryptionKeyCreateLive and onHTTPCupertinoEncryptionKeyRequest Method logs.
But we have two or more edge servers, the cupertinoEncryptionBaseURL property just can set to one edge server url.
How can i set to get key from dividual edge server not the one edge server?
Application_origin
<Properties>
<Property>
<Name>smoothStreamingMediaMajorVersion</Name>
<Value>2</Value>
<Type>Integer</Type>
</Property>
<Property>
<Name>cupertinoEncryptionBaseURL</Name>
<Value>http://61.222.123.65:80</Value>
</Property>
<Property>
<Name>cupertinoEncryptionSharedSecret</Name>
<Value>enckeysharedsecret</Value>
</Property>
<Property>
<Name>cupertinoEncryptionLiveRepeaterSharedSecret</Name>
<Value>mysharedsecret</Value>
</Property>
</Properties>
Application_edge
<Properties>
<Property>
<Name>smoothStreamingMediaMajorVersion</Name>
<Value>2</Value>
<Type>Integer</Type>
</Property>
<Property>
<Name>cupertinoEncryptionBaseURL</Name>
<Value>http://61.222.123.65:80</Value>
</Property>
<Property>
<Name>cupertinoEncryptionSharedSecret</Name>
<Value>enckeysharedsecret</Value>
</Property>
<Property>
<Name>cupertinoEncryptionLiveRepeaterSharedSecret</Name>
<Value>mysharedsecret</Value>
</Property>
</Properties>
(3) This situation make us confusing the internal AES-128 mechanism, how can us know
that it really has AES-128 protection?
Thank you for your reply.
Eric
dear Richard & Wowza support team:
Thank you for your reply.
But we have other questions about this.
(1) In origin-edge framework, which server generate key? And which server do AES-128 encrytion?
(2) We use two client , one is rtsp client,the other one is cupertion client.
We find origin server send twince flow traffic than one client to edge server.
Is this correct? Why not send one rtmp flow traffice to edge server?
Thanks.
Eric
dear Richard:
I am still confused that which server to do encryption.
(1)Because we use the random vlaue to be the part of encryption key.
So if origin server do encryption, origin server must send individual encryption content to edge server.
Because every session’s key is not the same. So which point is that i make the mistake?
(2) In edge server’s Application.xml, we set the OriginURL property is rtmp://origin_server_ip/live_token.
Is this not to say that origin server use send the live content to edge by rtmp?
Thank you for your reply.
Eric
I did everything like it is in internal method tutorial (https://www.wowza.com/docs/how-to-use-the-internal-method-of-aes-128-encryption-to-secure-live-or-vod-streams-sent-to-apple-ios-devices-moduleencryptionhandlercupertinostreaming) and everything works on iphone/ipad. Problem comes when I’m using https. I’m only using https to get key. I followed this:
https://www.wowza.com/docs/how-to-request-an-ssl-certificate-from-a-certificate-authority
And in section “Submit the CSR to a Certificate Authority” i signed csr by my own CA that I added to iphone trusted ca’s.
But when iphone is requesting https… key it just crash (I see that from wowza site everything is ok)
So… I think that iphone does not know which cert it should use, what properties should have CAcert or generated cert?
And what about this line: keytool -import -alias root -trustcacerts -file [filename-of-chain-certificate] -keystore ssl.mycompany.com.cert ?
this chain certificate shoudl be new_cert + ca or just ca? it should be chain of trust?
pm
But I added my selfsigned CA cert as profile on iphone, so it should trust it and CERT used by wowza server is signed by this CA.
this may be also about server name
on apache it’s set up by ServerName, how to set it up on WowzA?
Ok i fixed it! I deleted truststore.sqlite it seems that removing profile does not remove trusted cert! so old certs are assigned to domain anyway and new cert is rejected