Versions Compared

Old Version 2

changes.mady.by.user Alon Men

Saved on

compared with

New Version Current

changes.mady.by.user Alon Men

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

...

...

...

...

...

...

...

...

...

Zixi Broadcaster supports HTTPS encryption based on OpenSSL. Zixi Broadcaster expects certificate files in X.509 textual format (sometimes called ‘pem’) with a full chain of certificates, each one starts with “----BEGIN CERTIFICATE----", and the associated private key file, that starts with “----BEGIN PRIVATE KEY----". The certificate can be provided by an SSL/TLS certificate provider (Certification Authority) where the domain is registered, such as VeriSign, Digicert, etc.. Alternatively the certificate can be self-signed.

...

 A self-signed certificate is a certificate that is signed with its own private key. Self-signed certificates can be used to encrypt data just as well as CA-signed certificates, but your users will be displayed a warning that says that the certificate is not trusted by their computer or browser. Therefore, self-signed certificates should only be used if you do not need to prove your service’s identity to its users (e.g. non-production or non-public servers). 

Obtaining a CA-signed Certificate

Reach out to the hosting provider for instructions on how to obtain a CA-signed HTTPS certificate. As part of this process, you will be required to generate a certificate signing request (CSR). A CSR consists mainly of the public key of a key pair, and some additional information. Both of these components are inserted into the certificate when it is signed. To learn more about generating a CSR, go to - https://www.digitalocean.com/community/tutorials/openssl-essentials-working-with-ssl-certificates-private-keys-and-csrsObtaining

Creating a

...

Self-signed Certificate

To Activate SNMP:

  • Run the script file ./install_snmp.sh, located in the Broadcaster folder, where Zixi Broadcaster was installed. The events on the log screen are deleted.

Info
titleNote

Running the script may cause Zixi Broadcaster to restart.

Configuring SNMP Settings

 To Configure SNMP:

...

  • In the User Name field, enter the SNMP user name.
  • In the Write Access field, select the checkbox to allow Read-Write access rights. If the checkbox is not selected, the user will have Read-only access rights.
  • In the Password field, enter the SNMP user's password.

...

Viewing MIB Information

You can view the "Root MIB" (which defines the Zixi Broadcaster tree root definitions) and the "Broadcaster MIB" (which describes the Zixi Broadcaster MIB tree definition, including all its objects). 

To view MIB information:

...

Instead of obtaining a CA-signed certificate, you can create a self-signed certificate. 

You can generate self-signed x.509 certs with OpenSSL by using the following command:

Code Block
openssl req -x509 -newkey rsa:2048 -keyout selfsigned_key.pem -out selfsigned_cert.pem

To learn more about generating a self-signed certificate, go to - https://www.digitalocean.com/community/tutorials/openssl-essentials-working-with-ssl-certificates-private-keys-and-csrs

Uploading the Certificate and Private Key

After obtaining a CA-signed certificate or creating a self-signed one, you will need to upload the certificate and private key to Zixi Broadcaster. 

To upload the certificate and private key:

  1. Go to Settings > General.
  2. Click + to expand the HTTPS and DTLS Streaming Certificate section.
  3. In the Certificate Uploaded field, click Upload and select the certificate file.  
  4. In the Private Key Uploaded field, click Upload and select the Private Key. 
  5. In the Private Key Passphrase field, type the passphrase or leave empty (Default passphrase is empty, ignore the ‘****’).
  6. Click Apply
    If the process was successful, the SSL setup status field will turn to "OK".