beautypg.com

2 ca signed certificates, Qguard user manual – Quadrox QGuard User Manual User Manual

Page 104

background image

QGuard User Manual

104

Version 4.9 Series

Your new self-signed certificate has been generated. From now on it is used for signing the
export movie files.

To export this certificate for transmitting it to a remote location or other purposes, click the
Export button and define the location to store.

Self-signed certificate have the following advantages and disadvantages:

Advantages:

 Certificate can be renewed at one's choosing
 Custom information (i.e. location of the recorder and contact email,

etc.) can be added which is useful in court

 Certificate doesn’t expire
 Certificate is free of charge

Disadvantages:

 Certificate is not verified by 3

rd

party, so it has limited trust.

 Certificate should be explicitly added to the trusted certificates list

on each machine for the verification.

3.3.10.2 CA signed certificates

In spite of the self-signed certificates advantages, this approach is not the most secure. To
improve your security, Quadrox recommends getting a certificate from a trusted certification
authority (CA). There are Certification Authorities (CA) which are explicitly trusted
worldwide so Microsoft pre-installed theirs certificates in the Windows Operating System.
Hence those certificate authorities are trusted by all 3

rd

parties which use a Windows

Operating System. If you get a certificate signed by the CA, you automatically become a
trusted signer in the Windows environment.

To import the CA certificate in the QGuard system, follow the steps below:

1. Save the certificate on your QGuard server.
2. Specify the exact path to the certificate in the File on server field.
3. Click Import button.

Exported movie files will now be signed by the imported CA certificate. The main advantage
is that you don’t need to install it on each machine since this certificate is pre-installed there.

A certificate loses its “trust value” over time, because the longer it is in place, the higher
chance it has of being compromised. It is recommended that certificates are renewed regularly
and that the old certificate is allowed to expire.

CA certificates have the following advantages and disadvantages:

Advantages:

 Certificate is checked by trusted 3

rd

party for maximal security

 Certificate doesn’t need to be explicitly added to trusted certificates

list

 Certificate expires

Disadvantages:

 Certificate must be purchased

See also other documents in the category Quadrox Video surveillance systems: