FairPlay Certificate Registration

In this topic, you will learn the Apple process to create a FairPlay Streaming (FPS) DRM certificate.

Overview

FairPlay Streaming is a DRM solution from Apple to securely deliver streaming media using the HLS (HTTP Live Streaming) protocol.

To be able to use Apple’s FairPlay Streaming (FPS) DRM, users should acquire the FPS Deployment Package from Apple and provide your Brightcove representative with the following information:

  • The FPS Certificate file .der or .cer
  • Private key file .pem
  • Private key password string
  • Application secret key (ASK) string

Step 1: Sign up Apple Developer Account and Request Deployment Package

  1. Enter your Apple developer account to get the FPS Deployment Package. If you don’t have one. Sign up.
  2. Click the Request Deployment Package link at the bottom of the FairPlay Streaming website and log in with your Apple developer account.

Once you apply for the Deployment Package according to the input-form, you will be issued a package containing the FPS Credential Creation Guide document after Apple’s confirmation.

The image below shows an example of the information that must be entered in Apple's form.

Step 2: Create the Private Key and Certificate Signing Request(CSR)

The next step is to create a private key privatekey.pem file and a certificate signing request certreq.csr file by referring to the guidelines document in the package.

The following steps describe the OpenSSL method to generate the CSR file:

  1. Open the OpenSSL command-line tool.
  2. Generate the Private Key File: privatekey.pem by typing and running the following command.
                    openssl genrsa -aes256 -out privatekey.pem 1024 
  3. Enter a password for the private key and save it for later use.
  4. Generate the Certificate Signing Request file by typing and running the following command.
    openssl req -new -sha1 -key privatekey.pem -out certreq.csr -subj "/CN=SubjectName/OU=OrganizationalUnit/O=Organization/C=US"
  5. Enter the Private Key password.

Step 3: Create FPS Cert at Apple Developer Portal

  1. Log in to the Apple Developer Portal and click Certificate, IDs & Profiles on the left menu.
  2. In the Certificates subtitle click the button.
  3. On the Create a New Certificate section, select the FairPlay Streaming Certificate option.
  4. Click Continue.
  5. Click Choose File.
  6. Select the certreq.csr file created with OpenSSL.
  7. Click Continue.
  8. Copy the Application Secret Key provided by Apple, and store it safely. If the ASK is compromised, you will no longer be able to protect your content with FPS.
  9. Paste the ASK in the space provided.
  10. Click Continue
  11. Click the Generate button when the pop-up appears to confirm that you have saved your Application Security Key.
  12. Click Certificates in the left menu to see your FairPlay Streaming Certificate in the list.
  13. Click on your Certificate.
  14. Click the Download button to save the FPS certificate file: fairplay.cer.
  15. After download the FPS certificate file, please contact your Brightcove account manager to finish the process.