To use Apple’s FairPlay Streaming (FPS) DRM, a content service provider should acquire
FPS Deployment Package from Apple and register the below data with PallyCon service.
- FPS Certificate file (.der or .cer) - Private key file (.pem) - Private key password string - Application secret key (ASK) string
This document will guide you step by step to ensure that your process is accurate.
You need Apple developer account to get the
FPS Deployment Package. Sign up for the account on the below site if you don’t have one.
If you apply for the Deployment Package according to the input form, you will be issued a package containing the
FPS Credential Creation Guide document after Apple’s confirmation.
During the application process, you will be asked if you have completed the implementation and testing of the
Key Server Module (KSM). This can be answered by saying, ‘I am using a 3rd party DRM company and the company has already built and tested KSM’.
Create a private key (privatekey.pem) file and a certificate signing request (certreq.csr) file by referring to the guide document in the package. The following describes OpenSSL method in
Generating a Certiﬁcate Signing Request section of the guide.
OpenSSL must be installed on the PC or server environment where this process is performed.
Create a private key (privatekey.pem) file
openssl genrsa -aes256 -out privatekey.pem 1024
Create a certificate signing request file
openssl req -new -sha1 -key privatekey.pem -out certreq.csr -subj "/CN=SubjectName/OU=OrganizationalUnit/O=Organization/C=US"
Log in to the Apple Developer Portal as shown below and go to the
Certificate, IDs & Profiles menu.
+ button on the menu screen to move to the
Create a New Certificate screen.
FairPlay Streaming Certificate item and click the
Choose File, select the
certreq.csr file created in the previous step and click the
Application Secret Key (ASK) string, record it separately, paste it in the space below and click the
A pop-up will appear to confirm that you have recorded the ASK string separately. Click the
When the above process is completed, the certificate created with
FairPlay Streaming type will be displayed in the
Download button to save the
FPS certificate file (fairplay.cer).
Log in to PallyCon Console site.
Click on the
Site Settings menu and go to the
Integration Settings tab.
Register button in the
FPS Cert Registration section of
Enter the files (private key, certificate) and strings (private key password, ASK) created in the previous steps in the pop-up window.
Note: If you have performed Step #2 multiple times for testing, you may encounter a mismatch of certificate / key pairs or invalid private key passwords. Please be careful to register the correct data.
This completes the
FairPlay Cert Registration Tutorial.
The download URL of FPS certification file is
https://license.pallycon.com/ri/fpsKeyManager.do?siteId='Site_ID'. Input your
Site_IDwhich is issued by PallyCon Cloud service. (4byte)