In the following lines I will try to describe how to generate a SSL-Key
and a corresponding CA-Cert so that you can be sure that your browser
connects to the correct site.

first generate a openssl key:

	openssl req -days 365 -new -x509 -nodes -out streamingadminserver.pem -keyout streamingadminserver.pem

Fill out all the questions if you want, but you MUST use
your hostname of your DSS as CN (Common Name).

This key will last for one year. You can use more days if you want to.
Now open the key with 

	vi streamingadminserver.pem

and remove the last block (everything between and including
BEGIN CERTIFICATE and END CERTIFICATE).

Now generate the CA-Cert:

	openssl req -days 365 -new -x509 -key streamingadminserver.pem -out my-ca-cert.pem

Now append the certificate to the key with

	cat my-ca-cert.pem >> streamingadminserver.pem

move the streamingadminserver.pem key to /etc/streaming,
change the owner and the permissions

	sudo mv streamingadminserver.pem /etc/streaming/streamingadminserver.pem
	sudo chown qtss /etc/streaming/streamingadminserver.pem
	sudo chmod 600 /etc/streaming/streamingadminserver.pem

Copy the "my-ca-cert.pem" to your desktop and doubleclick it.
Keychain.app opens now. There should pop up a "Add Certificates" window.
There select "X509Anchors" as Keychain and click OK.

Now (maybe kill and) start the DSS with

        sudo /usr/local/sbin/streamingadminserver.pl

Now you can connect to the DSS. You should see that Safari
switches to port 1240. If not than you need to turn on SSL and
try again. If everything works you should see the page without the

"The certificate for this website was signed by an unknown certifying authority."

message and there should be a lock in the upper right corner of Safari.