5 Browse images on your OUYA by hosting an OUYA game store that delivers
6 image folders as games.
13 - Web server (e.g. Apache 2.2)
16 - Access to your DNS server
22 1. Create a SSL certificate authority, install its root cert on your OUYA
23 (advanced settings, security, install from SD card)
24 2. Create an SSL certificate for ``*.ouya.tv``, sign it with your CA certificate.
25 See the `SSL certificate generation`_ instructions below
26 3. Create a virtual host in Apache, set the server name to ``devs.ouya.tv``
27 and alias to ``www.ouya.tv`` and ``status.ouya.tv``.
28 Let it use the generated certificate.
29 Point the document root to the ``ouya-imagestore/www/`` folder.
30 Make sure it's the only SSL host, or the first vhost with SSL
31 (OUYA does not support SNI).
32 4. Copy ``data/config.php.dist`` to ``data/config.php`` and change the
33 ``basedir`` variable to a folder that contains subfolders with images.
34 5. In your DNS server, set ``devs.ouya.tv``, ``www.ouya.tv`` and
35 ``status.ouya.tv`` to the apache machine's IP.
36 6. Power up your OUYA. Start the store ("Discover").
38 You will see your image folders with a preview image each.
39 Opening the "game" folder displays all images as game screenshots.
43 SSL certificate generation
44 ==========================
45 First, generate your own certificate authority (CA)::
48 $ openssl genrsa -out rootCA.key 2048
49 $ openssl req -x509 -new -nodes -key rootCA.key -days 1024 -out rootCA.pem
51 Then, create a certificate and sign it with your CA's key::
53 $ openssl req -new -x509 -nodes -config ouya.tv-cert-req.cnf -out selfcert-ouya.tv.pem -keyout selfcert-ouya.tv.key -days 730
55 $ openssl genrsa -out selfcert-ouya.tv.key 1024
56 $ openssl req -new -config ouya.tv-cert-req.cnf -key selfcert-ouya.tv.key -out selfcert-ouya.tv.csr
57 $ openssl x509 -req -in selfcert-ouya.tv.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out selfcert-ouya.tv.crt -days 730 -extfile ouya.tv-cert-req.cnf
61 $ openssl req -text -noout -verify -in selfcert-ouya.tv.csr
65 $ openssl x509 -in selfcert-ouya.tv.crt -text -noout
67 Note that the OUYA store application does not use SNI (Server Name Indication).
68 This means that your server's ``*.ouya.tv`` must be delivered first when no
69 host name is indicated by the client, thus the vhost has to be the first
70 of all in the configuration.