I'm attempting to use a EXT-X-SESSION-KEY tag to retrieve the decryption information from our CDN in the multivariant manifest. So far that has worked quite well.
The problem is that I use two kind of media playlist manifests, one for playback using CDN and one for playback without CDN if the CDN one fails. CDN playback is encrypted, non-CDN playback is not encrypted.
Before using EXT-X-SESSION-KEY I was just adding the EXT-X-KEY in the CDN media playlist manifest, but this forced me to not encrypt the init segment, and encryption of the init segment is kind of a must now, so that's why I moved to the session key, to be able to encrypt init segments.
The problem now is that the session key is being applied to both media playlist manifests (no wonder), so now the player is trying to decrypt non encrypted segments :)
I've tried adding EXT-X-SESSION to the Index or multivariant manifest, but this caused the key to be applied to every segment, even segments that don't need encryption.
I've tried to use EXT-X-KEY with method NONE in the non-CDN manifest, this seems to work, but I'm worried that the init segment of that manifest will be decrypted too once I release to production.
I'm expecting segments that don't need encryption to not be encrypted. And segments that use encryption to be decrypted (even init or MAP segment)