I have a trial account. I have setup an EC2 instance of the wowza streaming engine. I source a live stream to it and view the stream on an android application I have created.

Without the secure token v2 this works absolutely fine. but when I enabled secure token for the playback stream. I am not able to view the stream through my android application.

I have followed the steps as per this:

https://www.wowza.com/docs/how-to-protect-streaming-using-securetoken-in-wowza-streaming-engine#hash

I create a hash of this string:

live/livestream?livesharedsecret&wowzatokenCustomParameter=livestream

I have also verified the hash that gets generated from my code and a third party tool are the same.

I generate the hash using SHA-256 and then base64 it to a string.

md = MessageDigest.getInstance("SHA-256");

String text = "live/livestream?livesharedsecret&wowzatokenCustomParameter=livestream";

md.update(text.getBytes("UTF-8"));

byte[] hash = md.digest();

String base64 = Base64.encodeToString(hash, Base64.DEFAULT);

String url = "rtsp://xx.xx.xx.xx:1935/live/livestream?";

String finalUrl = url + "wowzatokenCustomParameter="+customParameter+"&wowzatokenhash="+base64;

Also is there any logging I can get activated on the wowza streaming engine side that can help me verify the token.

I checked the logs folder on my server and found ModuleCoreSecurity in the logs but it didn’t have the hash calculation the server should do. This is an example I found in other posts on the forum but could not find in my logs.

2017-03-0723:04:19 UTC comment server INFO 200-[vod/definst]ModuleCoreSecurity:hashCalculated: jbGXphGTxO570_89Y_dpBTA1KUCtTGdVCKXXHjTkhDU=—0.029-------------------------

2017-03-0723:04:19 UTC comment server INFO 200-[vod/definst]ModuleCoreSecurity:string hashed: vod/sample.mp4?mySharedSecret&myTokenPrefixCustomParameter=abcdef&myTokenPrefixendtime=1500000000&myTokenPrefixstarttime=1395230400—0.029------------

Hello,

Thanks for contacting the Wowza Community!

Can you confirm what browser you are using on Android? Is it only 1 browser it is not working or is a native player app or a downloaded app? can you test and confirm what playback software you are using? We have seen issues with Android and SSL in Chrome and the issue pointed to outdated Java versions on the Wowza server that needed to be updated.

Also, you can open a ticket with us and we can examine your log files. You can open a ticket HERE.

Please include the following and we can investigate the issue further. I would suggest also confirming the playback software and if all of what I mentioned works or not (browser type, native app and downloaded app). A few apps to try is VLC and MX Player for Android. If the stream plays for the apps and not the browser, it is browser specific.

Can you provide the following information with yout ticket:

• Your logs in a .zip file, located here: [install-dir]/logs
• Your conf folder in a .zip file, located here: [install-dir]/conf
• Helpful Article on creating a .zip file: https://www.wowza.com/docs/how-to-create-a-compressed-zip-file-in-windows-os-x-and-linux

regards,

Jermaine

Hello Velancio,

I am reposting here so that others can also find the solution.

From the Updates Page here:

https://www.wowza.com/docs/wowza-streaming-engine-software-updates#updaters

Changes (since 4.6.0.01 release)- Fixed RTMP and RTSP secure token to correctly use the content path in use

An upgrade will be required and we always suggest updating to the latest version, since any fixes or added features that stem from community or client requests will be added to the latest version.

Thanks in Advance,

Jason Hatchett