Refer to the Enabling HTTPS on your Zixi Broadcaster guide.
Changing the default root folder location
The root folder is used to store recordings and VOD content. Over time the size of the content in this folder may grow significantly. If this folder is in the same partition as the machine’s operating system and the capacity limit is reached, it may cause risks to the machine itself. It is therefore recommended to change Zixi’s root folder location to a separate partition (not the same partition as the OS). If the partition is filled it will not disrupt or harm the machine’s OS.
To change the default root folder location:
Open the ‘broadcaster-info.xml’ file, which is located in the folder as the Zixi’s executable file (e.g. zixi_broadcaster-1.10.1.24727.exe).
The file includes the following content:
| Code Block |
|---|
<?xml version="1.0" encoding="utf-8"?>
<ROOT_SETTINGS>
<FOLDER>d:\ts</FOLDER>
<MANAGED>false</MANAGED>
<MANAGEMENT-ENABLED>false</MANAGEMENT-ENABLED>
</ROOT_SETTINGS>
<TUNNEL>
<ALLOW>0</ALLOW>
<MASTER>1</MASTER>
</TUNNEL> |
Defining “non-root user”
Zixi includes some settings that modify the operating system settings on the host machine (e.g. networking settings, etc.). Modifying these settings requires Zixi Broadcaster to have “Root user” (the highest) access privileges on the machine. However, once these settings have been defined, Zixi Broadcaster does not need these high level access privileges anymore and it is recommended to change the access privileges to a non-root user.
The following settings cannot be modified after changing the access privileges. Make sure you do not need to modify any of these settings:
- Settings > Network.
- Settings > SSH Connections
- Settings > ASI
To define non-root user privileges:
Datagram Transport Layer Security (DTLS) is a communications protocol that provides security for datagram-based applications by allowing them to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery. The DTLS protocol is based on the stream-oriented Transport Layer Security (TLS) protocol and is intended to provide similar security guarantees.
Zixi supports DTLS encryption and identity authentication. This feature can be used in conjunction with static key AES scrambling for end-to-end encryption.
DTLS encryption can be configured on any Input or Output UDP port on the Zixi Broadcaster. This feature is activated and configured in the Settings screen. A DTLS server is configured using certificate and private key files in X.509 PEM format, similar to the files used to enable an HTTPS server.
To enable DTLS encryption:
- In the Zixi Broadcaster navigation, click Settings.
The Settings page opens showing the General tab. - Under the General section, click on the HTTPS and DTLS Streaming Certificate section heading to expand that section.
The HTTPS and DTLS Streaming Certificate settings are shown.
- Next to the Certificate uploaded field, click Upload.
- Browse to find your certificate file, select it and click Open.
- In the Private key uploaded field, click Upload.
- Browse to find your private key file, select it and click Open.
- In the Private key passphrase field, type a passphrase, if one exists.
- Verify that there is a green Yes next to both Upload buttons.
Click Apply.
A confirmation dialog is displayed:
Info Any LIVE or ACTIVE streaming will be affected upon restarting the service.
- Click Restart Now or Restart Later.
| Panel | |
|---|---|
On this page:
|