hls_keys
The `hls_keys` directive configures the HLS playlist to use a specific key for encrypting media segments.
Description
The hls_keys directive is part of the NGINX RTMP module and allows you to set a key for encrypting HLS media segments. This key is crucial for securing content, particularly when sensitive or premium content is distributed over the internet. The directive accepts a single argument, which is the path to the key that will be used during the encryption process. This value must point to a valid file that is accessible by the NGINX server.
When this directive is used in a streaming context, the NGINX RTMP module will include the specified key in the generated HLS playlists. Moreover, it facilitates support for key rotation if you choose to update the keys periodically for added security. It's important to ensure that the key file is adequately secured and that proper permissions are set to prevent unauthorized access. Without this directive, HLS streams may be vulnerable to interception and unauthorized playback.
Additionally, using encryption with HLS segments can provide a better security layer for streaming media, but it may come with performance implications. It is advisable to consider server capabilities and the network environment when implementing this directive.
Config Example
hls_keys /usr/local/nginx/keys/stream_key;
Ensure the key file is readable by the NGINX user.
Using incorrect paths or non-existent key files will lead to errors in stream delivery.
Make sure to set the correct permissions on the key file to avoid unauthorized access.