mTLS protocol authentication is supported on MCM version 6.3.4 and is compatible with MCS 1.1.1 onwards. The mTLS configuration works on the SKY, CKS KMS, with valid certificates, config alias, and asset ID’s.
To configure SKY, CKS KMS for mTLS, follow the steps below.
Navigate to KMS → KMS Configuration on the MCM9000.
Click on the add icon highlighted in red to add a KMS type. Give a name and choose the Type as SKY, CKS from the dropdown.
3. Fill in the details appropriately.
Fields | Description |
Name | Name of the KMS. |
Type | Type of KMS (SKY, CKS). |
Network | Select the network from the list; the selected Nic will be used to pull the Keys from the KMS system. |
Server URL | The Server URL to connect to (Please follow the suggested URL structure). **For mTLS, it is essential to specify the config alias and asset ID as shown in the Server URL structure. |
Username | Username to access the SKY, CKS KMS. |
Password | The password to access the SKY, CKS KMS. |
Asset IDs | Asset IDs to be replaced in the URL. |
Download repetition Rate | The repetition Rate field indicates the period of time that will be used by the system to re-inquire for the Keys. Click on the toggle switch to disable the Download repetition Rate. |
Click on Submit once you fill in all the fields.
4. Scan an OTT channel. Please refer to Scan for a detailed description of Scanning sources.
5. Navigate to Sources → Configuration and edit the channel to set the KMS type to SKY, CKS.
Click on Submit to save the configuration.
The scanned source with SKY CKS, CENC encryption type can be viewed on the Output Mosaic as described in Configure Output Encoder and Viewing the Output Mosaic.