Sony IPELA SNC-RH124 User Manual
Page 52
A
d
mini
s
tra
ting
t
he
Came
ra
Setting the SSL function — SSL Menu
52
1
Set the SSL function to On, and select Allow
HTTP connection for some clients.
2
Click OK to close the main viewer and the setting
window.
3
Display the main viewer in SSL connection.
Refer to “Using the SSL function” on page 13 for
connection.
4
After checking that SSL connection is possible,
cancel Allow HTTP connection for some clients
selected in step 1.
Even if the setting window or the browser is closed as
SSL connection is impossible, http connection will be
possible if Allow HTTP connection for some clients is
selected. First check the setting contents of SSL tab in
http connection, then check the SSL connection again.
If Allow HTTP connection for some clients is not
selected, you will not be able to access the camera if SSL
connection becomes impossible. In this case, turn on the
power of the main unit while pressing the reset switch on
the camera to initialize. For details, refer to the supplied
Installation Manual.
Note
SSL connection will load the camera down; therefore,
not all images may be downloaded, and the
mark
may appear when the camera accesses the setting
window from the browser. In this case, reload the
window. Press the F5 key on the keyboard to reload.
Certificate options
Select an installation mode of the certificate.
Use an external certificate: Uses the certificate
including private key information issued by a CA.
The PKCS#12 and PEM formats are supported.
Note
Even if the SSL function is set to On, it is not active in
the following cases:
– When Use an external certificate is selected in
“Certificate options,” and also when the certificate and
the private key password are not set properly.
Use the camera’s built-in certificate (For test use):
This mode uses the certificate and private key pair
generated by “Generating a self-signed certificate”
on page 52. Private key information corresponding
to the certificate is stored in the camera.
You do not need to install an external certificate.
However, you cannot execute the existence proof that
is one of the SSL functions for the following reasons.
– The private key generated in the camera is self-
signed by the camera.
– A prepared value is set for a distinguished name
(Common name, etc).
– The certificate is not issued by a trusted CA.
For reasons of security, we recommend using this
mode only when there is no problem even if perfect
security is not saved.
Notes
• When Use the camera’s built-in certificate (For test
use) is selected, the Security Alert dialog appears on
the SSL connection with a browser.
For details, refer to “Using the SSL function”
(page 13).
• SSL connection may be impossible due to the type of
certificate installed in the camera. In this case, refer to
“How to install the CA certificate” on page 54 and
install.
Certificates
Import, display or delete the certificate.
To import the certificate
Click Browse... to select the certificate to be imported.
Click Submit to import the certificate, and the selected
file to the camera.
Note
The import process becomes invalid if the selected file is
not a certificate or the imported certificate is not
allowed.
Generating a self-signed certificate
A self-signed certificate can be generated in the camera
to be used when Use the camera’s built-in certificate
(For test use) is selected from Certificate options.
Click Generate to generate a self-signed certificate in
the camera. Clicking Generate again after Generate
has been clicked once will update the self-signed
certificate stored in the camera.
To display certificate information
When the certificate has been set in the camera correctly,
its information appears on Status, Issuer DN, Subject
DN, Validity Period and Extended Key Usage.
Status
Shows if the status of the certificate is valid or invalid.
The following statuses are recognised.
Valid: The certificate is correctly stored and set.
Invalid: The certificate is not correctly stored and set.
Possible causes are as follows: