[FFmpeg-user] HTTP live streaming with aes encrpytion

Luke l1 at newanswertech.com
Wed Jun 18 10:43:26 CEST 2014

On Wed, 18 Jun 2014, Moritz Barsnick wrote:

> On Wed, Jun 18, 2014 at 14:31:02 +0800, 陈晨 wrote:
>> <http://dryize.wordpress.com/2014/04/02/protected-hls-using-ffmpeg-and-openssl/>.
>> But it's so complicated.
> NB: I have no idea of how to avoid putting the key there, and instead
> giving it to the user in some other protected manner. What's the point
> of encrypting if everyone can get the key?

Presumably one is going to then protect the key file with some .htaccess 
directives to require passwords and such.  At least, that is what I would do if 
I had to store the key in the playlist directory.

How to do that is not specified in the article, but it could easily be done at a 
higher level directory, or by adding something to the script to copy in an 
.htaccess file from another place.

Or maybe something entirely different was intended, but that was the only 
explanation I could come up with for why putting the key file there was 
at all reasonable.


More information about the ffmpeg-user mailing list