Enabling DTLS

Datagram Transport Layer Security (DTLS) is a communications protocol that provides security for datagram-based applications by allowing them to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery. The DTLS protocol is based on the stream-oriented Transport Layer Security (TLS) protocol and is intended to provide similar security guarantees.

Zixi supports DTLS encryption and identity authentication. This feature can be used in conjunction with static key AES scrambling for end-to-end encryption.

DTLS encryption can be configured on any Input or Output UDP port on the Zixi Broadcaster. This feature is activated and configured in the Settings screen. A DTLS server is configured using certificate and private key files in X.509 PEM format, similar to the files used to enable an HTTPS server.

To enable DTLS encryption:

1. In the Zixi Broadcaster navigation, click Settings.
   The Settings page opens showing the General tab.
2. Under the General section, click on the HTTPS and DTLS Streaming Certificate section heading to expand that section.
   The HTTPS and DTLS Streaming Certificate settings are shown.
   
3. Next to the Certificate uploaded field, click Upload.
4. Browse to find your certificate file, select it and click Open.
   
5. In the Private key uploaded field, click Upload.
6. Browse to find your private key file, select it and click Open.
   
7. In the Private key passphrase field, type a passphrase, if one exists.
8. Verify that there is a green Yes next to both Upload buttons.
   

9. Click Apply.
   A confirmation dialog is displayed:
   

   Any LIVE or ACTIVE streaming will be affected upon restarting the service.

10. Click Restart Now or Restart Later.