Axis P3905-RE User Manual page 40

AXIS P3905-RE Network Camera
About system options
HTTPS
HTTPS (HyperText Transfer Protocol over Secure Socket Layer, or HTTP over SSL) is a web protocol providing encrypted browsing.
HTTPS can also be used by users and clients to verify that the correct device is being accessed. The security level provided by
HTTPS is considered adequate for most commercial exchanges.
The Axis product can be configured to require HTTPS when users from different user groups (administrator, operator, viewer) log in.
To use HTTPS, an HTTPS certificate must first be installed. Go to System Options > Security > Certificates to install and manage
certificates. See About certificates on page 40.
To enable HTTPS on the Axis product:
1. Go to System Options > Security > HTTPS
2. Select an HTTPS certificate from the list of installed certificates.
3. Optionally, click Ciphers and select the encryption algorithms to use for SSL.
4. Set the HTTPS Connection Policy for the different user groups.
5. Click Save to enable the settings.
To access the Axis product via the desired protocol, in the address field in a browser, enter https:// for the HTTPS protocol
and http:// for the HTTP protocol.
The HTTPS port can be changed on the System Options > Network > TCP/IP > Advanced page.
About certificates
Certificates are used to authenticate devices on a network. Typical applications include encrypted web browsing (HTTPS) and secure
upload of images and notification messages for example via email. Two types of certificates can be used with the Axis product:
Server/Client certificates - To authenticate the Axis product. A Server/Client certificate can be self-signed or issued by a Certificate
Authority (CA). A self-signed certificate offers limited protection and can be used before a CA-issued certificate has been obtained.
CA certificates - To authenticate peer certificates, for example the certificate of an authentication server. The Axis product is
shipped with several preinstalled CA certificates.
Note
• If the product is reset to factory default, all certificates, except preinstalled CA certificates, will be deleted.
• If the product is reset to factory default, all preinstalled CA certificates that have been deleted will be reinstalled.
How to create a self-signed certificate
1. Go to Setup > System Options > Security > Certificates.
2. Click Create self-signed certificate and provide the requested information.
How to create and install a CA-signed certificate
1. Create a self-signed certificate, see How to create a self-signed certificate on page 40.
2. Go to Setup > System Options > Security > Certificates.
3. Click Create certificate signing request and provide the requested information.
4. Copy the PEM-formatted request and send to the CA of your choice.
5. When the signed certificate is returned, click Install certificate and upload the certificate.
40