2 ca signed certificates, Webcctv user manual – Quadrox WebCCTV User Manual User Manual
Page 104
WebCCTV User Manual
104
Version 4.9 Series
Your new self-signed certificate has been generated. From now on it is used for signing the
export movie files.
To export this certificate for transmitting it to a remote location or other purposes, click the
Export button and define the location to store.
Self-signed certificate have the following advantages and disadvantages:
Advantages:
Certificate can be renewed at one's choosing
Custom information (i.e. location of the recorder and contact email,
etc.) can be added which is useful in court
Certificate doesn’t expire
Certificate is free of charge
Disadvantages:
Certificate is not verified by 3
rd
party, so it has limited trust.
Certificate should be explicitly added to the trusted certificates list
on each machine for the verification.
3.3.10.2 CA signed certificates
In spite of the self-signed certificates advantages, this approach is not the most secure. To
improve your security, Quadrox recommends getting a certificate from a trusted certification
authority (CA). There are Certification Authorities (CA) which are explicitly trusted
worldwide so Microsoft pre-installed theirs certificates in the Windows Operating System.
Hence those certificate authorities are trusted by all 3
rd
parties which use a Windows
Operating System. If you get a certificate signed by the CA, you automatically become a
trusted signer in the Windows environment.
To import the CA certificate in the WebCCTV system, follow the steps below:
1. Save the certificate on your WebCCTV server.
2. Specify the exact path to the certificate in the File on server field.
3. Click Import button.
Exported movie files will now be signed by the imported CA certificate. The main advantage
is that you don’t need to install it on each machine since this certificate is pre-installed there.
A certificate loses its “trust value” over time, because the longer it is in place, the higher
chance it has of being compromised. It is recommended that certificates are renewed regularly
and that the old certificate is allowed to expire.
CA certificates have the following advantages and disadvantages:
Advantages:
Certificate is checked by trusted 3
rd
party for maximal security
Certificate doesn’t need to be explicitly added to trusted certificates
list
Certificate expires
Disadvantages:
Certificate must be purchased