Can't play live streaming after SHA256 using wowza Security token V2 - live-streaming

I am using Wowza Stream Engine and I Enabled Outgoing security with Wowza SecurityToken Version 2.5.9
I am trying to do a client server authentication. I followed following steps as described in
https://www.wowza.com/docs/how-to-protect-streaming-using-securetoken-in-wowza-streaming-engine
Following are the configuration I set in wowza playback security
And here is my incoming stream
The issue is when I run the resulted url after encoding with SHA256 and converting it to Base 64 as per instructed in the above documentation link. It gives me 403 Access Denied Error. But when I removed my PlayBack security in wowza engine. It streams perfect.
Has anyone experienced same issue using wowza Streaming Engine and GoCoder for source streaming.

Related

How do I encrypt Video Files in Amazon S3 Storage for Video Streaming?

Possible Doing
While Netflix uses Amazon S3 for Video Streaming, they tend to use encrypted video files and stream it as it is. How we can encrypt video files so it is secured against video piracy and others.
What I want to achieve
Most of the content is stored in a compressed and encrypted format and streamed as is. They are compressed using a lossy audio/video codec such as MPEG or H. 264. The compressed data is encrypted using a Digital Rights Management system.
How myself can encrypt the video files and stream it with iframe for websites?
There are many possible ways that a person can stream videos and secure.
Origin blocking (Origin, CORS, Referrer)
Embed busting
Tokenized URLs
Generic token
Advanced user specific tokens
Login/Paywall
Stream encryption
DRM (Digital Rights Management)
There are Modern Techniques like.
Domain filtering
Referrer filtering
Embed buster
Session token
AES encryption.
Link might be helpful for you to secure the video streaming service using Nginix. https://gist.github.com/mrbar42/09c149059f72da2f09e652d4c5079919

How to assure that data gets encrypted when using POST in httpClient

I'm making app with VS 2017 and Xamarin. I plan to send username and password (in request body) to my server with httpClient (Android), PostAsync().
I have seen examples like the answer at
Send HTTP Post request in Xamarin Forms C# and just wonder if there is a way to check that the data beeing sent is really encrypted.
I know from https://blog.xamarin.com/securing-web-requests-with-tls-1-2/ that the httpClient would automatically encrypt messages.
Greetings
If you connect to your server using SSL the data you send will be encrypted. This can be achieved by simply using the https:// prefix when connecting to your server as opposed to the regular http prefix.
As you said that you are using SSL on your server I shall not go into the ins and outs of implementing it as it is very different on every platform. For anyone reading this in the future a great starting point is using LetsEncrypt if you're on a budget as it is free (although you do have to refresh your certificate every so often).
To verify that the data is encrypted you can use a program called Wireshark whilst debugging in an Android Emulator. The instructions are pretty clear within wireshark but on sending the request from your android phone select the domain/ip from the wireshark panel and view the information from that request. If you are using SSL right the data should be encrypted.

Is the S3 Protocol encrypted in transmission when using the SDK?

if I'm using the AmazonS3Client to put and fetch files, is my connection encrypted? This seems basic, but my googling seems to return things about encrypting the S3 storage and not whether the transmission from this client is secure. If it's not secure is there a setting to make it secure?
Amazon S3 endpoints support both HTTP and HTTPS. It is recommended that you communicate via HTTPS to ensure your data is encrypted in transit.
You can also create a Bucket Policy that enforces communication via HTTPS. See:
Stackoverflow: Force SSL on Amazon S3
Sample policy: s3BucketPolicyEncryptionSSL.json

I have an SSL everywhere site and I'm getting errors pulling content from my azure video streaming service

I'm using SSL in my whole site so I get errors when I pull video streaming content from my azure media services account. All of the urls I get for origin server streaming content when I publish are http. I need them to be https. Is there anyway I can configure the origin service or something I can do before I publish to make the service serve these requests with SSL?
Unfortunately Windows Azure Media Services (WAMS) doesn't support Https.
The formats for streaming, like HLS, are actually transfer formats like Http. HLS doesn't by nature support HTTPS. Instead it has other content protection mechanisms, WAMS uses HLS + 128-bit AES. All of the content transferred in the stream is encrypted by AES.
Depending on your security requirements, you shouldn't need to serve the requests with https. The request that retrieves the origin locator url should be https already, the request that stores it in your database should be https, the request that provides the url to a client should be https, so with the default AES encryption it's entirely secure.

Is there a way to configure Azure blob storage to use my domain SSL certificate?

I have my application running http. Some content is at mydomain.com and some content is stored in blob storage with a custom domain setup of media.mydomain.com. This is all working perfectly. Now when I start working on SSL support, I get warnings that I requested content from media.mydomain.com but received content from (standard blob storage url). I've read through the tutorials and guides and none of them seem to touch on SSL.
Is there a configuration in the container somewhere to install my certificate? Or am I forced to load SSL content from the standard content URL instead of my custom domain?
Windows Azure Blob storage does support HTTPs endpoint so blobs can be accessed over HTTPS however you can not add your own or 3rd party SSL certificate to your Windows Azure Blob Storage endpoint.