Versions Compared

Old Version 1

changes.mady.by.user Alon Men

Saved on

compared with

New Version Current

changes.mady.by.user Eli Pielet (Writec)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Zixi Broadcaster ZEC supports HTTPS encryption based on OpenSSL. Zixi Broadcaster expects ZEC expects certificate files in X.509 textual format (sometimes called ‘pem’) with a full chain of certificates, each one starts with “----BEGIN CERTIFICATE----", and the associated private key file, that starts with “----BEGIN PRIVATE KEY----". The certificate can be provided by an SSL/TLS certificate provider (Certification Authority) where the domain is registered, such as VeriSign, Digicert, etc.. Alternatively the certificate can be self-signed. A self-signed certificate is a certificate that is signed with its own private key. Self-signed certificates can be used to encrypt data just as well as CA-signed certificates, but your users will be displayed a warning that says that the certificate is not trusted by their computer or browser. Therefore, self-signed certificates should only be used if you do not need to prove your service’s identity to its users (e.g. non-production or non-public servers). 

...

Reach out to the hosting provider for instructions on how to obtain a CA-signed HTTPS certificate. As part of this process, you will be required to generate a certificate signing request (CSR). A CSR consists mainly of the public key of a key pair, and some additional information. Both of these components are inserted into the certificate when it is signed. To learn more about generating a CSR, go to - https://www.digitalocean.com/community/tutorials/openssl-essentials-working-with-ssl-certificates-private-keys-and-csrs

Creating a Self-signed Certificate

Instead of obtaining a CA-signed certificate, you can create a self-signed certificate. 

You can generate self-signed x.509 certs with OpenSSL by using the following command:

Code Block
openssl req -x509 -newkey rsa:2048 -keyout selfsigned_key.pem -out selfsigned_cert.pem

To learn more about generating a self-signed certificate, go to - https://www.digitalocean.com/community/tutorials/openssl-essentials-working-with-ssl-certificates-private-keys-and-csrs

Uploading the Certificate and Private Key

After obtaining a CA-signed certificate or creating a self-signed one, you will need to upload the certificate and private key to Zixi BroadcasterZEC

To upload the certificate and private key:

...