Nimble Streamer DRM

Digital Rights Management with Widevine, Playready, FairPlay, BuyDRM, EZDRM, PallyCon, Verimatrix

Nimble Streamer supports DRM CENC encryption for MPEG-DASH and HLS with fMP4 container in the following use cases:

  • Google Widevine™ support to protect MPEG-DASH.
  • Microsoft Playready™ support to protect MPEG-DASH.
  • Apple FairPlay™ support to protect HLS.
  • All encryption works for H.264/AVC and H.265/HEVC codecs.
  • AV1 codec is supported for Widevine-encrypted MPEG-DASH streams.
  • Widevine Cloud Service support with key rotation.
  • BuyDRM KeyOS support for Widevine, FairPlay and Playready.
  • EZDRM DRM-as-a-Service support for Widevine, FairPlay and Playready. Read the introduction blog post.
  • PallyCon support for Widevine, FairPlay and Playready. Read introduction blog post about our collaboration.
  • Verimatrix VCAS CPIX multi-DRM support for Widevine, FairPlay and Playready.

Nimble supports DRM in the following scenarios:

  • Encrypting live streaming output based on any input.
  • DVR encryption for playback of recorded streams.
  • VOD content encryption during playback.

Verimatrix™ VCAS CEI key management is supported to protect live HLS streams with AES encryption.
It's not supported for DVR and VOD use cases.

Follow these easy steps to start using the DRM feature set:

  1. Set up Nimble Streamer and register Addenda license.
  2. Configure DRM using simple drm.conf file on Nimble Streamer server side.
  3. Test protected streams in your players.

1. Set up Nimble Streamer

1.1 Prerequisites: you need to have the following items to be completed before proceeding with DRM setup.

  1. You have a proper DRM-enabled player set up and tested so you could test the encrypted streams.
  2. You signed up for WMSPanel account.
  3. Latest version of Nimble Streamer was installed and is running.
  4. SSL is properly set up and tested.

1.2 Set up streaming: create and test your streaming scenario without any encryption first.

Overall you need to make sure you have a separate working test output stream which you'll try to encrypt.
Once you set up DRM as described below, you'll be able to apply it to your production environment.

Watch Nimble Streamer setup for live, DVR and VOD with EZDRM.

2. Subscribe and license

2.1 WMSPanel subscription.
You need to be subscribed for WMSPanel account, at least for basic minimum subscription. So once you made sure Nimble Streamer works with non-encrypted use cases you can follow subscription instructions on your profile page.

2.2 Addenda license.
Nimble Streamer DRM is part of Nimble Streamer Addenda premium package.
You need to subscribe for Addenda package license for each Nimble Streamer server instance where you want to enable DRM.
Use instruction from Addenda page to obtain and register the license.

3. Configure DRM settings

All DRM settings are stored in drm.conf file located at the same location as nimble.conf. E.g. on Linux, you need to create /etc/nimble/drm.conf file.

Just add a few lines, re-start Nimble Streamer and you're all set. You may also apply drm.conf changes by using native API call without Nimble re-start.

3.a General parameters

The config consist of a set of drm{} blocks, each of them contains settings for specified applications.
Show setup details

3.b Widevine Cloud Service

Nimble can encrypt content with Google Widevine and use key rotation.
Show setup details


Nimble can encrypt content with Google Widevine, Apple FairPlay and Microsoft Playready using EZDRM key servers.
Watch step-by-step tutorial showing the setup of Nimble Streamer with EZDRM Widevine for live, DVR and VOD.
Notice that EZDRM resource ID can be specified using content_id parameter.
Show setup details

3.d BuyDRM KeyOS

Nimble can encrypt content with Google Widevine, Apple FairPlay and Microsoft Playready using BuyDRM KeyOS.
Show setup details

3.e PallyCon

Nimble can encrypt content with Google Widevine, Apple FairPlay and Microsoft Playready using PallyCon key servers.
Show setup details

3.f Verimatrix VCAS CPIX

Nimble can encrypt content using Verimatrix multi-DRM with Widevine, Playready and FairPlay.
Show setup details

3.g Verimatrix VCAS CEI

Nimble can encrypt HLS content with AES encryption using Verimatrix VCAS key servers.
Show setup details

3.h HLS AES-128 encryption

Nimble can make per-application HLS AES encryption of HLS content.
Show setup details

4. Test encrypted streams and troubleshoot

Once you re-start Nimble Streamer, you may use your player to test the encrypted live stream to make sure the setup is correct. On Android, you may use Larix Player free app to play content encrypted via MPEG-DASH with Widevine and PlayReady in live, DVR and VOD modes.

Make sure you use SSL for your streams' playback.

If the stream doesn't play then disable corresponding DRM section in drm.conf and re-start Nimble Streamer instance. This will let you determine if the DRM setup is the root cause of the problem. Notice that you may apply drm.conf changes by using this Nimble native API call.

If you still have issues after making fixes to configuration, contact our support. We'll need your drm.conf file, a live stream to test, and a web page with that stream and DRM-enabled player.

This website or its third-party tools use cookies, which are necessary to its functioning and required to achieve the purposes illustrated in the Privacy Policy. If you want to know more or withdraw your consent to all or some of the cookies, please refer to the Privacy Policy.
By closing this banner, scrolling this page, clicking a link or continuing to browse otherwise, you agree to the use of cookies.