OoyalaREVIEW supports playback for encrypted segmented assets. At present, we support encryption for HLS assets using an AES-128 encryption.
You must set up your account’s CDN resource so that it uses an S3 bucket in Ooyala Flex Core:
Create a new CDN Storage Resource.
Click the Configuration sub-tab.
Configure the following fields for the resource’s read location:
Configure the following fields for the resource’s write location:
Click Save, to save the configuration.
Click Start, to start the resource.
Navigate to the configuration section for your account, click the Metadata tab, and set the Publish CDN resource so that it uses the one you have just created.
Enable Flex NGINX Proxy for S3 assets in the OoyalaREVIEW app, by setting the following consul keys:
flex/flex-reviewer-app/enableS3Proxyto “Yes” (This key is exclusive for OoyalaREVIEW. MAM already requests S3 assets from the Flex NGINX Proxy).
flex/flex-reviewer-app/proxyBaseUrlto the URL of your Flex NGINX Proxy instance(s). If you are already accessing the OoyalaREVIEW app from the Flex NGINX Proxy, then the domain name should be the same.
Configure an instance profile with access to your S3 bucket on your flex-nginx-proxy instance(s).
Enable segmented asset encryption in the Flex NGINX Proxy by setting the following consul key:
Images and assets can be now be served to OoyalaREVIEW through the Flex NGINX Proxy and it can be configured to require authentication on each request.
To enable it, set the
flex/flex-nginx-proxy/enableSecurityCheck consul key to “Yes”. Now all proxy request for images and assets require a valid JWT.