This topic shows you how to configure the digital rights management (DRM) encryption feature in the Alibaba Cloud Management Console. To use DRM encryption, you must upload a certificate and configure a key, a transcoding template, and ApsaraVideo Player.
Prerequisites
- ApsaraVideo Live is activated. Basic operations are complete. For example, you must add a streaming domain and an ingest domain, and then bind the ingest domain to the streaming domain. For more information, see Quick start.
- Alibaba Cloud Key Management Service (KMS) is activated. For more information, see Activate KMS.
- A FairPlay Streaming certificate is obtained if you use iOS. Keep your certificate, private key, passphrase, and Application Secret key (ASk) confidential. For more information, see Apply for a FairPlay Streaming certificate.
Background information
The DRM encryption feature is provided by ApsaraVideo Live to ensure security. FairPlay and Widevine DRM encryption technologies are supported. You can add and manage certificates in the ApsaraVideo Live console to encrypt live streams, and use ApsaraVideo Player to decrypt and play DRM-encrypted live streams. For more information, see DRM encryption.
Limits
Item | Description |
---|---|
Management method | You cannot configure DRM encryption by calling API operations. Instead, you must configure DRM encryption in the ApsaraVideo Live console. |
Live centers | DRM encryption is available only in the live centers of the China (Shanghai), Singapore (Singapore), and Indonesia (Jakarta) regions. |
Method to enable DRM encryption | If you enable DRM encryption for a domain name for the first time, you must submit a ticket. |
Player version | DRM is supported only for ApsaraVideo Player V5.3.4 and later. |
Configure DRM encryption in the console
You must upload a certificate, create a key, add the key, and configure a transcoding template in the Alibaba Cloud Management Console before you can use DRM encryption.
Enable DRM encryption
If you enable DRM encryption for a domain name for the first time, you must submit a ticket.
Obtain a DRM-encrypted streaming URL
http://demo.aliyundoc.com
/liveApp****/liveStream****?auth_key=12345****
- Specify the appname, streamname, and groupid fields based on your live stream information. For more information, see Ingest and streaming URLs.
- The auth_key field indicates an access token. For more information, see URL signing.
- You can construct a DRM-encrypted streaming URL based on the concatenation rules.
- You can use the URL generator to generate a streaming URL based on the configurations of your transcoding template. For more information, see URL generator.
- You can go to the Stream Management page to view the streaming URL of the live stream. For more information, see Manage streams.
Configure ApsaraVideo Player
- The version of ApsaraVideo Player must be V5.3.4 or later. You can use FairPlay DRM encryption for iOS and Widevine DRM encryption for Android.
- If you use ApsaraVideo Player for Android, we recommend that you use SurfaceView to play live streams with a high security level.
- If you use ApsaraVideo Player for iOS, you must call the setFairPlayCertID method of AliPlayerGlobalSettings to specify the ID of your FairPlay Streaming certificate. This method needs to be called only once. To obtain the ID of the FairPlay Streaming certificate, go to the ApsaraVideo Live console, click Certificates tab. in the left-side navigation pane, and then click the