Technical Topics

BSN.Cloud Ports & URLs

11min
below is the list of ports and urls that our products use to communicate with bsn cloud services for simplicity, you should permit anything from bsn cloud with a wildcard bsn cloud player access requirements all access rules must be defined for outgoing connections only domain ports & protocols bsn control bsn content provision brightsignnetwork com 443 https optional (for b deploy) optional (for b deploy) provision bsn cloud 443 https optional (for b deploy) optional (for b deploy) handlers bsn cloud 443 https optional required ws bsn cloud 443 https, wss required required certs bsn cloud 443 https required required certs brightsignnetwork com 443 https required required time brightsignnetwork com 80, 123 http, ntp required required firmware bsn cloud 443\ https required required mc bsn cloud 443\ https optional (player hotfixes) optional (player hotfixes) crashes brightsignnetwork com 443 https required required services brightsignnetwork com 80 http 443 https required required bsncloud s3 amazonaws com 443 https not required required api qrserver com 443 https optional (for activation by qr) optional (for activation by qr) goqr me 443 https optional (for activation by qr) optional (for activation by qr) brightauthor\ connected access requirements all access rules must be defined for outgoing connections only domain ports & protocols bsn control bsn content bsn cloud 443 https required required downloads bsn cloud 443 https required required auth bsn cloud 443 https required required provision brightsignnetwork com 443 https required required provision bsn cloud 443 https required required ws bsn cloud 443 https required required api bsn cloud 443 https required required firmware bsn cloud 443\ https required required rp bsn cloud 443 https not required required analytics bsn cloud 443 https required required api brightsignnetwork com 443 https not required optional (for presentation import from bsn com http //bsn com ) bsncloud s3 amazonaws com 443 https required required bsnm s3 amazonaws com 443\ https not required optional (for presentation import from bsn com http //bsn com ) netsuite com 443 https required required brightsign biz 443 https required required docs brightsign biz 443 https required required launchdarkly com see here and here for more info 443 https required required tls terminating proxies requests to the following https urls are authenticated using a client certificate if the tls session is terminated in the proxy to allow for payload filtering, the client certificate will not match and the request will fail with a 401 status code the proxy must be configured such that requests to any url in the list below are handled transparently without tls termination https //certs bsn cloud/features/api/v1/exchange refresh token https //certs bsn cloud/features/api/v1/exchange refresh token%20/ https //certs bsn cloud/features/api/v1/exchange reg token https //certs bsn cloud/features/api/v1/exchange reg token https //certs bsn cloud/features/api/v1/get activation token https //certs bsn cloud/features/api/v1/get activation token https //certs bsn cloud/features/api/v1/failsafe https //certs bsn cloud/features/api/v1/failsafe https //certs bsn cloud/features/api/v1/bsn reg token https //certs bsn cloud/features/api/v1/bsn reg token https //certs bsn cloud/features/api/v1/user access token https //certs bsn cloud/features/api/v1/user access token https //certs bsn cloud/features/api/v1/bsn groups https //certs bsn cloud/features/api/v1/bsn groups https //certs brightsignnetwork com/features/api/v1/exchange refresh token https //certs brightsignnetwork com/features/api/v1/exchange refresh token https //certs brightsignnetwork com/features/api/v1/exchange reg token https //certs brightsignnetwork com/features/api/v1/exchange reg token https //certs brightsignnetwork com/features/api/v1/get activation token https //certs brightsignnetwork com/features/api/v1/get activation token https //certs brightsignnetwork com/features/api/v1/failsafe https //certs brightsignnetwork com/features/api/v1/failsafe https //certs brightsignnetwork com/features/api/v1/bsn reg token https //certs brightsignnetwork com/features/api/v1/bsn reg token https //certs brightsignnetwork com/features/api/v1/user access token https //certs brightsignnetwork com/features/api/v1/user access token https //certs brightsignnetwork com/features/api/v1/bsn groups https //certs brightsignnetwork com/features/api/v1/bsn groups https //provision bsn cloud/rest/v2 https //provision bsn cloud/rest/v2 https //provision bsn cloud/rest device/v2/activation code https //provision bsn cloud/rest device/v2/activation code https //provision bsn cloud/rest/ https //provision bsn cloud/rest/ https //provision brightsignnetwork com/rest/v2 https //provision brightsignnetwork com/rest/v2 https //provision brightsignnetwork com/rest device/v2/activation code https //provision brightsignnetwork com/rest device/v2/activation code https //provision brightsignnetwork com/rest/ https //provision brightsignnetwork com/rest/ https //crashes brightsignnetwork com/bs/crashdump https //crashes brightsignnetwork com/bs/crashdump requests to the following urls use the websockets protocol these do not require the client certificate but, if the proxy supports only https, it may be necessary to configure these urls to bypass the proxy as well wss\ //ws bsn cloud/ requests to the following urls must be permitted by the acl but do not otherwise require special handling http[s] //time brightsignnetwork com https //time brightsignnetwork com https //api qrserver com/v1/create qr code/ https //api qrserver com/v1/create qr code/ https //bsncloud s3 amazonaws com/public/firmwaremanifest json https //bsncloud s3 amazonaws com/public/firmwaremanifest json http //bsnm s3 amazonaws com/public/firmwarecompatibilityfile xml http //bsnm s3 amazonaws com/public/firmwarecompatibilityfile xml https //handlers bsn cloud/bs/checkforcontent ashx https //handlers bsn cloud/bs/checkforcontent ashx https //handlers bsn cloud/bs/events ashx https //handlers bsn cloud/bs/events ashx https //handlers bsn cloud/bs/error ashx https //handlers bsn cloud/bs/error ashx https //handlers bsn cloud/bs/deviceerror ashx https //handlers bsn cloud/bs/deviceerror ashx https //handlers bsn cloud/bs/devicedownload ashx https //handlers bsn cloud/bs/devicedownload ashx https //handlers bsn cloud/bs/devicedownloadprogress ashx https //handlers bsn cloud/bs/devicedownloadprogress ashx https //handlers bsn cloud/bs/trafficdownload ashx https //handlers bsn cloud/bs/trafficdownload ashx https //handlers bsn cloud/bs/uploadusage ashx https //handlers bsn cloud/bs/uploadusage ashx https //handlers bsn cloud/bs/nowplaying ashx https //handlers bsn cloud/bs/nowplaying ashx https //handlers bsn cloud/bs/getfile ashx https //handlers bsn cloud/bs/getfile ashx https //handlers bsn cloud/bs/uploadlogs ashx https //handlers bsn cloud/bs/uploadlogs ashx https //handlers bsn cloud/bs/batterycharger ashx https //handlers bsn cloud/bs/batterycharger ashx https //handlers bsn cloud/bs/heartbeat ashx https //handlers bsn cloud/bs/heartbeat ashx https //handlers bsn cloud/bs/recovery/recovery ashx https //handlers bsn cloud/bs/recovery/recovery ashx https //handlers bsn cloud/bs/recovery/recovery runsetup ba brs https //handlers bsn cloud/bs/recovery/recovery runsetup ba brs https //services brightsignnetwork com/bs/checkforcontent ashx https //services brightsignnetwork com/bs/checkforcontent ashx https //services brightsignnetwork com/bs/events ashx https //services brightsignnetwork com/bs/events ashx https //services brightsignnetwork com/bs/error ashx https //services brightsignnetwork com/bs/error ashx https //services brightsignnetwork com/bs/deviceerror ashx https //services brightsignnetwork com/bs/deviceerror ashx https //services brightsignnetwork com/bs/devicedownload ashx https //services brightsignnetwork com/bs/devicedownload ashx https //services brightsignnetwork com/bs/devicedownloadprogress ashx https //services brightsignnetwork com/bs/devicedownloadprogress ashx https //services brightsignnetwork com/bs/trafficdownload ashx https //services brightsignnetwork com/bs/trafficdownload ashx https //services brightsignnetwork com/bs/uploadusage ashx https //services brightsignnetwork com/bs/uploadusage ashx https //services brightsignnetwork com/bs/nowplaying ashx https //services brightsignnetwork com/bs/nowplaying ashx https //services brightsignnetwork com/bs/getfile ashx https //services brightsignnetwork com/bs/getfile ashx https //services brightsignnetwork com/bs/uploadlogs ashx https //services brightsignnetwork com/bs/uploadlogs ashx https //services brightsignnetwork com/bs/batterycharger ashx https //services brightsignnetwork com/bs/batterycharger ashx https //services brightsignnetwork com/bs/heartbeat ashx https //services brightsignnetwork com/bs/heartbeat ashx https //services brightsignnetwork com/bs/recovery/recovery ashx https //services brightsignnetwork com/bs/recovery/recovery ashx https //services brightsignnetwork com/bs/recovery/recovery runsetup ba brs https //services brightsignnetwork com/bs/recovery/recovery runsetup ba brs http //api brightsignnetwork com/brightauthor/service/v201312/bnmservices asmx http //api brightsignnetwork com/brightauthor/service/v201312/bnmservices asmx https //bsncloud dssp s3 amazonaws com/devicescreenshots/incoming/ https //bsncloud dssp s3 amazonaws com/devicescreenshots/incoming/ https //sqs us east 1 amazonaws com/965175186373/bsn cloud dssp https //sqs us east 1 amazonaws com/965175186373/bsn cloud dssp the default value for the setup time server is http //time brightsignnetwork com http //time brightsignnetwork com/ however, brightauthor\ connected and brightauthor classic let the user enter a value for the time server the associated scripts then set the time server to the value entered by the user chromium 87+ and certificate validation endpoints in chromium 87 (bos 8 5 and 9 0) and later, inability to communicate with crl and oscp endpoints became a blocking action that is, if the browser reaches out to these endpoints and never hears back, it does not complete the validation process any response from those endpoints, even an unsuccessful one, allows the process to continue this was not true in chromium 69 (bos 8 4 and below) for more information, see these pages about online certificate status protocol and the certificate revocation list to avoid this issue, you must add a whitelist for those endpoints to the certificate vendor to find the endpoints, open the certificate and find the following entries (this example uses google chrome and the bsn cloud certificate) crl distribution points authority information access > ocsp responder