Https protocol is Hyper Text Transfer Protocol over Secure Socket Layer. With this protocol,
the data transmitted can be encrypted to enhance security level.
NVR products provide self-signed certificate, which means the user can use a free Https
certificate on local area network. Or, user can install signed certificate or create
certificate request.
This article shows how to configure HTTPS protocol in 3 ways.
1. Self-signed certificate
Self-signed certificate is a private certificate which provides users with a secure
link to access to the NVR. It’s highly recommended to be used in local area network.
Access to the webpage of device (NVR is the sample device in this article), go to
Configuration-Network-Advanced Settings-HTTPS:
Choose Create Self-signed certificate and click create, input the basic information and
click ok.
Check Enable and click Save, a self-signed certificate will be installed into the device.
The address format of https is https://IPaddress:Port, notice that all self-signed
certificate will pop out below hint, click Continue to this website.
2. Create certificate request
Our NVR products supports quick-export certificate request, you can upload this request
to some official certificate authorities.
Click Create, input basic information of certificate, notice that fixed public IP address or
domain name is required as Hostname/IP.
Notice: Don’t input request password for NVR which runs an older firmware version than
V3.4.62.
After creating request, download the file to PC. This request should be used to apply for official
https certificate.
3. Install signed certificate
After certificate is signed by official authority, user can install it to the NVR. Notice that
the public IP address or domain name must match the device’s actual IP address. User
can access to device with https link in public network.
Notice:
(1) Only PEM format certificate is supported;
(2) NVR can only recognize the certificate which is generated basing on the request
exported by itself;
(3) A new signature is required when user re-uploads the certificate
Example Procedure:
- For this Procedure I have used GoDaddy to purchase a Certificate from a Registered CA
- After you have purchased the certificate it will be listed under your My Products section in GoDaddy
- Log into your NVR and goto: Configuration – Network – Advanced Settings – HTTPS
- Select the “Create the certificate request first and continue the installation.
- Click the “Create” Button
- Enter your Country and Hostname or IP Address Only and press the “OK” button
- After you have entered your 2 digit Country Code and Hostname/IP Address; Download and Save the Certificate Request to your PC
- Open the file that you just saved with Wordpad or a text reader application. Copy all the information including and starting with “BEGIN CERTIFICATE REQUEST” to “END CERTIFICATE REQUEST” as seen in the image below
- Go to your GoDaddy account, My Products and select Setup
- Paste the text from your Certificate Request that you copied in Step 8 into the CSR field. Agree to the terms and press Request Certificate
- After you have submitted you will need to validate your Domain. GoDaddy will send you instructions on how to do this. In the instructions they will list a unique key that you will need to add to a new Text Field in your DNS settings.
- It will take about 30 minutes for your Certificate to be validated and can you check the status within your GoDaddy My Products -Manage
- After your Certificate has been authorized you will be able to download
- Select Server Type as “Other” and download and save your CA Certificate. Save on your PC where you will have access.
- Unzip your file and there will be to files provided by GoDaddy.
- Return to your NVR Configuration: Network – Advanced Settings – HTTPS.
- Browse to the file that you unziped and press the install button
- After the Certificate is installed you will need to Enable and save your settings
- Now you can verify that you are Secure . Enter HTTPS://your_Domain.com and you will see the secure link
