Thanks for making such a great module for supporting RTMP and HLS in nginx, I realy like it.
But I've a question about the HLS AES keys.
Because the event holder wants some kind of protection on the stream I'd like to use AES encryption.
As far as I can see each nginx instance create its own key pool. In my own situation I want to use DNS round robin with around 4 nginx instances.
The keys are published in the playlist, but the client could fetch a fragment from an another server.
I know that I can publish full url's to the FQDN of the server, but is there a possible solution to create something like a central managed key pool?
Like nginx asks a remote url (PHP file maybe) with the key sequence number (streamname-keysequencenumber.key eg streamname-340.key) and the PHP file generated at the first call and gives out the same key to other instances.
This would clean up my DNS records.
And I only have to use 1 SSL certificate instead of per server a SSL certificate.
Tinywan
commented
7 years ago
Thanks for making such a great module for supporting RTMP and HLS in nginx, I realy like it. But I've a question about the HLS AES keys.
Because the event holder wants some kind of protection on the stream I'd like to use AES encryption.
As far as I can see each nginx instance create its own key pool. In my own situation I want to use DNS round robin with around 4 nginx instances.
The keys are published in the playlist, but the client could fetch a fragment from an another server. I know that I can publish full url's to the FQDN of the server, but is there a possible solution to create something like a central managed key pool?
Like nginx asks a remote url (PHP file maybe) with the key sequence number (streamname-keysequencenumber.key eg streamname-340.key) and the PHP file generated at the first call and gives out the same key to other instances.
This would clean up my DNS records. And I only have to use 1 SSL certificate instead of per server a SSL certificate.