beautypg.com

Webcctv user manual, Version 4.9 series, Certificate management screen – Quadrox WebCCTV User Manual User Manual

Page 146: Step 6 – checking the signature, Digital signature verifier main screen

background image

WebCCTV User Manual

146

Version 4.9 Series

Certificate Management Screen

4. Transport the exported certificate to the target machine and double click on it. The

Certificate Information screen will appear.

5. Click Install Certificate button and follow further instructions leaving all settings by

default. A Security Warning window will appear.

6. To make sure that you are installing the exact certificate you need, find the

Thumbprint line in the Security Warning window and compare it with the thumbprint
of the original certificate on the recorder. If the thumbprints match, click Yes.

To learn advanced ways to make the certificate explicitly trusted, see Appendix A.

Step 6 – Checking the signature

Once the certificate is trusted, the signature message can be decoded. Because the certificate
is trusted, we know that a) the information in the signature is correct (wasn’t changed) and b)
the signature was produced on the recorder from which the movie is claimed to have
originated. If the signature was forged, the certificate will not decode it.
Inside the signature, a hash value links the certificate uniquely to the movie file. By
recalculating the hash in the courtroom, we can be sure that a) this signature belongs to this
particular movie and b) the movie hasn’t changed since the signature was created. If the
movie was forged, the hash value would be different and the signature invalid.

These actions are performed automatically by the Digital Signature Verifier tool.

Digital Signature Verifier main screen

1. Open the Digital Signature Verifier tool.
2. Enter the locations of the movie and signature files and click the Verify button.