Local DWS APIs

the local diagnostic web server (local dws or ldws) is disabled by default as of brightsignos 9 0 218 (on the 9 0 branch) and brightsignos 9 1 75 (on the 9 1 branch) in brightsignos versions prior to these, the local dws was enabled by default to enable the local dws, see access the local dws docid\ iafcherljfjdjtwttkpk5 there are two ways to access these apis you can choose to use digest authentication digest authentication uses a username and a password the username is always “admin” the password can be set in three ways use the default, which is the player serial number set it through the setup package set it using a custom script you can choose to use no authentication however, this is not recommended once the password is set, you need to authenticate to access the local dws apis to do this you should be using bri ghtsignos 8 4 6 or newer call the desired api using digest authentication with the local dws username and password note that digest authentication is fairly insecure when used over an insecure transport (http) the url prefix is always http //player ip/api api d efinit ions the listed apis are prefixed with the version /v1 we can not guarantee that these documents will be current in every case ldws advanced endpoints docid\ rrbb0z9dct8mtxs9jqfo8 ldws control endpoints docid\ ylxb9c8us70n09hookdp ldws diagnostics endpoints docid\ sayok1v5mynjrfjdyjo5k ldws display control endpoints docid\ eeufgoavjljvccgpgdxdn ldws general endpoints docid 7xffmahpax15y5oeyva1z ldws info endpoints docid\ lrnvvaaa2rbz3 22kptnu ldws logs endpoints docid\ gvrltps3clnqwbf6nmepm ldws registry endpoints docid\ vgos8ry1l2grothau1ogk ldws remote snapshot endpoint docid 5clrljaf12o4xjrg6ttdb ldws sendcecx endpoint docid\ v ecynutwh 8p7exqp06r ldws storage endpoints docid nxnhjkhzyijmlymzrifa ldws video endpoints docid\ ysqoggysbtpmi8d tywz9 using https with the local dws in bos releases after bos 8 2 35 4, users had the option use either a trusted certificate or a self signe d certificate to access https over the dws as of bos 9 0 218 and 9 1 52, the local dws uses https by default with a self signed certificate previously (in bos 8 2 35 4 and newer) https was optional, but a self signed certificate had to be provided see add digital certificates docid\ j17pu2fwzg7nik1niyt y for information about how to apply a certificate to a player generating a self signed certificate and key to do this, choose one of the following two methods run this code openssl req nodes new x509 keyout dws key out dws crt or run the following code and use the 'dws key' and 'dws crt' files the other files can be deleted later openssl req newkey rsa 4096 keyform pem keyout ca key x509 days 3650 outform pem out ca cer openssl genrsa out dws key 4096 openssl req new key dws key out client req openssl x509 req in client req ca ca cer cakey ca key set serial 101 extensions client days 365 outform pem out dws crt making the certificate and key files accessible the operating system will look for files with known names at the root of the default storage to make the certificate and key files you generated findable, either name the files name the files dws crt and dws key , as in the examples put the names of the files in the networking registry using the keys put the names of the files in the networking registry using the keys ldws cert file name , ldws key file name see brightsign registry keys docid 8luj1vpf ftlcbisbqbvz for more information if you want to supply the ca certificate, you can use the default name if you want to supply the ca certificate, you can use the default name dws ca or if you want to use another name use the registry key ldws ca file name to specify the filename then put the files at the root of the default storage if you have defined the then put the files at the root of the default storage if you have defined the ldws certs path registry key, this will be the certs location (rather than the default storage)