How to manage Apple HLS playback over SSL in Wowza Streaming Cloud

When you broadcast an Apple HLS live stream using the Wowza Streaming Cloud™ service, you have complete control over whether or not Secure Sockets Layer (SSL) is used to encrypt the HTTP connections that deliver the stream to viewers. By default, Wowza Streaming Cloud uses relative playlists, which allows streams to be played over HTTP or HTTPS—or both. This provides the greatest flexibility for your viewers. You can, however, require that viewers watch a live stream over HTTP or HTTPS.

Contents


About SSL playback from Wowza Streaming Cloud HLS stream targets
HLS stream target SSL playback cheat sheet
Deliver an HLS live stream that can be played over HTTP or HTTPS
Deliver an HLS live stream that can only be played over HTTPS
Deliver an HLS live stream that can only be played over HTTP

About SSL playback from Wowza Streaming Cloud HLS stream targets


Live streams delivered from the Wowza Streaming Cloud travel across the Internet in two stages to reach their audiences.

After Wowza Streaming Cloud transcodes (or passes through) the encoded live source video, it sends the stream to geographically distributed servers called stream targets. Those targets then deliver the live stream to viewers, such as through a hosted webpage or a direct playback URL.

Wowza Streaming Cloud uses the HTTP protocol to make these two outbound network transfers, delivering streams for playback over Apple HLS or over Apple HLS and Adobe HDS.

For both types of HTTP delivery, Wowza Streaming Cloud generates a relative playlist, which means that the stream can be viewed over HTTP or HTTPS. The viewer is not restricted to the secure or unsecured protocol.

When you choose to deliver a live stream over Apple HLS only, you can enjoy the default flexibility of relative playlists, or you can control whether the viewer has to use HTTP or HTTPS to watch the stream by editing the stream target’s properties.

HLS stream target SSL playback cheat sheet


Three HLS stream target properties are used to manage SSL playback. Here's a table that summarizes how to configure those properties for the type of playback you want to support.

Tip: Click the desired result to jump to instructions on how to configure the target with these settings.

Desired result: Send stream to target over SSL: Play over SSL: Relative playlists:
Play HLS over HTTP or HTTPS True* False (default) True (default)
Play HLS over HTTPS True* True False
Play HLS over HTTP False (default)* False (default) False

* Sending the stream from the transcoder to the target over SSL isn't required for secure playback, but it's good practice to use SSL for the connection in to and out of the target to make the communications as secure as possible.

Deliver an HLS live stream that can be played over HTTP or HTTPS


The easiest option is to create a live stream that plays Apple HLS  over HTTP or HTTPS.

  1. Sign in to Wowza Streaming Cloud.
  2. Click the Live Streams menu, and then click Add Live Stream.
  3. On the Live Stream Setup page, enter a Live Stream Name, choose a Broadcast Location, and then click Next.
  4. On the Video Source and Transcoder Settings page, select the encoder or camera you want to use to connect to Wowza Streaming Cloud.
  5. Select a delivery protocol. For What protocol(s) do you want to use to deliver this stream to viewers? make sure Apple HLS (the default) is selected.
Note: If your source is Wowza Streaming Engine, you must first select No, I want Wowza Streaming Cloud to transcode this stream and/or deliver it to multiple stream targets before you can select Apple HLS as the delivery protocol.
  1. Specify other video source settings, click Next, and complete the steps to finish creating the live stream.
Note: For more information about live stream settings, see the Help panel on the right side of each page.

Wowza Streaming Cloud creates the live stream and displays the Overview tab of the live stream detail page.

  1. Depending on how you want to make the stream available, do one of the following:
  • Use the Apple HLS playback URL to play the stream in a browser or player that supports Apple HLS. Although the playback URL appears as HTTPS, the playback URL can also be accessed using HTTP.
  • If you created a hosted page, click the Hosted Page tab to access and share the hosted page URL. Although the hosted page URL appears as HTTPS, the page can also be viewed using HTTP.
  • If you want to include the stream on an external website (HTTP or HTTPS), use the embed code, which uses a relative URL in the JavaScript call for the player. For example:

src='//player.cloud.wowza.com/hosted/[a-unique-player-id]/wowza.js'

Deliver an HLS live stream that can only be played over HTTPS


You can require SSL for live stream HLS playback, if desired.

  1. Create a live stream whose Delivery Protocol is Apple HLS. For instructions, see Deliver an HLS live stream that can be played over HTTP or HTTPS.
  2. Click Advanced on the menu bar, click Stream Targets, and then select the target for the live stream. It appears as [Live-stream-name] / Stream Target.
  3. Click the Properties tab, and then click Edit.
  4. (Optional) Under HLS, select Enabled make sure Send stream to target over SSL is True.
  5. Under Playlist, select Enabled for Play over SSL and specify True.
  6. Under Playlist, select Enabled for Relative playlists and specify False.
  7. Click Save.

Deliver an HLS live stream that can only be played over HTTP


You can disable SSL for live stream HLS playback, if desired.

  1. Create a live stream whose Delivery Protocol is Apple HLS. For instructions, see Deliver an HLS live stream that can be played over HTTP or HTTPS.
  2. Click Advanced on the menu bar, click Stream Targets, and then select the target for the live stream. It appears as [Live-stream-name] / Stream Target.
  3. Click the Properties tab, and then click Edit.
  4. (Optional) Under HLS, select Enabled make sure Send stream to target over SSL is False.
  5. Under Playlist, select Enabled make sure Play over SSL and Relative playlists are both False.
  6. Click Save.

If you're having problems or want to discuss this article, post in our forum.