Would someone please explain in baby talk how to create a DKDM.
I've been given two .pem files, a user and a smpte .pem.
No matter what I do I can always Decrypt the DCP on the machine it was Encrypted on but absolutely no where else.
I've spent two days on this and I'm feeling really stupid right now.
Thanks
Creating DKDM's
-
- Site Admin
- Posts: 2550
- Joined: Thu Nov 14, 2013 2:53 pm
Re: Creating DKDM's
Roughly speaking:
- Select "Make KDM" and create a new "Cinema" and a new "Screen" within that cinema.
- Set the recipient certificate on that screen to the certificate that you want to make the DKDM for.
- Select the screen you just made in the "Make KDMs" dialogue, choose the output type and click OK.
-
- Posts: 9
- Joined: Tue May 31, 2016 9:35 pm
Re: Creating DKDM's
No I'm sorry it doesn't.
The only way I can get it to decrypt on the system I encoded it on is to ingest the .pem that I exported from DCP-O-MATIC on that system.
I'm so lost I don't know what direction to go anymore on both the encoder system and the second system that I'm trying to Decrypt the file on.
I have two keys and neither seem to allow me to decrypt unless I put in my exported .pem.
Thanks
The only way I can get it to decrypt on the system I encoded it on is to ingest the .pem that I exported from DCP-O-MATIC on that system.
I'm so lost I don't know what direction to go anymore on both the encoder system and the second system that I'm trying to Decrypt the file on.
I have two keys and neither seem to allow me to decrypt unless I put in my exported .pem.
Thanks
-
- Posts: 9
- Joined: Tue May 31, 2016 9:35 pm
Re: Creating DKDM's
I have a ****-user-1_chain.pem and a wm_3_smpte_a.pem and neither seem to work.
The **** is the Name of the Production House that is to receive the DCP.
Does it make sense that the Recipient Certificate has to be my exported .pem for the Decryption to work on the system I Encoded and Encrypted on.
I'm totally clued out and feeling pretty stupid at this point in time.
Do the .pems have to be entered before the encode starts.
Thanks
The **** is the Name of the Production House that is to receive the DCP.
Does it make sense that the Recipient Certificate has to be my exported .pem for the Decryption to work on the system I Encoded and Encrypted on.
I'm totally clued out and feeling pretty stupid at this point in time.
Do the .pems have to be entered before the encode starts.
Thanks
Last edited by technogeek on Tue May 31, 2016 10:35 pm, edited 1 time in total.
-
- Site Admin
- Posts: 2550
- Joined: Thu Nov 14, 2013 2:53 pm
Re: Creating DKDM's
Do you know what wm_3_smpte_a.pem is? Where did it come from?
If you are trying to decrypt an encrypted DCP using only the certificate that it was encrypted for: you can't. You would need the private key that corresponds to the target certificate. Is that what you are trying?
If you are trying to decrypt an encrypted DCP using only the certificate that it was encrypted for: you can't. You would need the private key that corresponds to the target certificate. Is that what you are trying?
-
- Posts: 9
- Joined: Tue May 31, 2016 9:35 pm
Re: Creating DKDM's
Both of these .pems were sent to me in a zip file to create the DKDM with.
Do I have to ingest these before I start the encode.
Absolutely no info came with these files so I actually don't know if they are Private or Public Keys.
I have been trying to get info on them but the person who sent them to me hasn't been able to put me in contact with the right person to talk to.
It happens that I must also deliver this DCP no later than 3PM tomorrow and no one from the Distribution House has given me any help as of yet.
Thanks
Do I have to ingest these before I start the encode.
Absolutely no info came with these files so I actually don't know if they are Private or Public Keys.
I have been trying to get info on them but the person who sent them to me hasn't been able to put me in contact with the right person to talk to.
It happens that I must also deliver this DCP no later than 3PM tomorrow and no one from the Distribution House has given me any help as of yet.
Thanks
-
- Posts: 2807
- Joined: Tue Apr 15, 2014 9:11 pm
- Location: Germany
Re: Creating DKDM's
Never a good idea to start the encryption/decryption business with a deadline and/or before one has understood all implications of the process.
So far we have not been able to actually understand what you are trying to accomplish. No time + no information is a bad combo.
- Carsten
So far we have not been able to actually understand what you are trying to accomplish. No time + no information is a bad combo.
- Carsten
-
- Site Admin
- Posts: 2550
- Joined: Thu Nov 14, 2013 2:53 pm
Re: Creating DKDM's
No, the encode is done using a random key that DCP-o-matic generates. Your DKDM is created by wrapping up this random key so that only the intended recipient can see it.Do I have to ingest these before I start the encode.
If you want, send the .zip file you received to carl@dcpomatic.com and I will have a poke around.
-
- Posts: 9
- Joined: Tue May 31, 2016 9:35 pm
Re: Creating DKDM's
Thanks Carl I can't thank you enough.
This is the first time I've ever created a DCP and I was given two days to figure it all out and get it delivered.
This Video Production Industry has a tendancy to "Last Minute" Everything and it can be frustrating.
It's also such a "Breath of Fresh Air" to have someone out there creating something that we can work with for free.
I will definitely Donate to your cause at some point because the cost of buying DCP Software is overly ridiculous.
I live in a city that does not get high both a lot of Movies or budget Movies and so trying to those costs would be nearly impossible.
Thanks again
This is the first time I've ever created a DCP and I was given two days to figure it all out and get it delivered.
This Video Production Industry has a tendancy to "Last Minute" Everything and it can be frustrating.
It's also such a "Breath of Fresh Air" to have someone out there creating something that we can work with for free.
I will definitely Donate to your cause at some point because the cost of buying DCP Software is overly ridiculous.
I live in a city that does not get high both a lot of Movies or budget Movies and so trying to those costs would be nearly impossible.
Thanks again
-
- Site Admin
- Posts: 2550
- Joined: Thu Nov 14, 2013 2:53 pm
Re: Creating DKDM's
At this point I think you will have to resort to guesswork. The files you sent me don't give much away, so I would be tempted to make 2 KDMs; one using wm_3_smpte_a.pem and one using the certificate at the bottom of the chain file (I'll email you that).
Then send both KDMs and hope they work. There is no way that you can test them yourself: that is the point of the encryption. No-one but the recipient can decrypt the KDMs you make.
The method is as described before: create two "screens" in the KDM dialog and add one certificate to each, then make KDMs and send the XML files that DCP-o-matic writes.
Then send both KDMs and hope they work. There is no way that you can test them yourself: that is the point of the encryption. No-one but the recipient can decrypt the KDMs you make.
The method is as described before: create two "screens" in the KDM dialog and add one certificate to each, then make KDMs and send the XML files that DCP-o-matic writes.