Use the External CEK feature to vend and package licenses using your existing CKMS.
This is a command line tool that will AAXS-encrypt a video and create metadata that will not contain the CEK (protected with an AAXS license server’s public cert). Instead, the tool embeds a CEK ID into the video’s metadata.
During license acquisition, the AAXS license server observes a flag in the metadata identifying that this content was protected using an External CEK. The license server will extract the CEK ID from the metadata and then query a secure repository/CKMS to retrieve the appropriate CEK.
Ensure you are using Java 1.6.0_24 or later.
To see the tool usage: java -jar AdobePackager_ExternalCEK.jar
To package content:
java -jar AdobePackager_ExternalCEK.jar sample.flv encrypted.flv abc abcdef0123456789
policy.pol https://path-to-your-server:8090 <license-server-public-cert.pem>
<license-server-private-key.pfx> <private-key-password>
build-samples.xml
adobe-flashaccess-sdk.jar
) must be on the classpathSet up the Reference Implementation.
If any exist, clean up previous Reference Implementation deployments:
delete <tomcat>\work\Catalina\*.*
delete <tomcat>\conf\Catalina\*.*
delete <tomcat>\logs\*.*
Verify that there is a CEKDepot.properties file alongside your flashaccess-refimpl.properties
Initiate a license request from an Adobe Primetime Player
Observe Ref Impl logs for something similar to:
DEBUG [com.adobe.flashaccess.refimpl.web.RefImplLicenseReqHandler.REQUESTS]
Used CEK ID:{abc} to retrieve CEK: {abcdef0123456789} from depot
DEBUG
level ( INFO
is set by default)None