Applies to Models: Wisenet Cameras and NVRs
Summary:
HTTPS communication ensures information, such as the user name and password, is encrypted when passed from the browser to the camera/NVR. This is facilitated by the use of SSL Certificates. Certificates can be bought from a Certificate Authority (CA), but it is also possible to create self signed certificates using SSL. A self signed certificate is one that is issued by a general user and not a CA.
This article shows how to create and use Self Signed certificates to enable HTTPS communication between cameras and NVRs.
Step By Step Guide:
To create a Self Signed certificate and Private Key:
- Use OpenSSL with the following command:
openssl req -x509 -sha256 -days 1000 -newkey rsa:2048 -keyout rootCA.key -out rootCA.crt
The Certificate file (.crt) and private Key file are created and installed on the camera.
While the connection is still encrypted, the browser will not recognize the certificate because it was not issued by a CA.
The browser will warn you the certificate is not valid and the web page is not secure.
Any malicious third party could redirect the connection using another self-signed certificate bearing the same holder name, meaning the website might not be the intended target, i.e., a fake website made to look like the intended one.
This is just a warning from the browser and does not mean there is an issue with the camera or the NVR website.