Enabling fusion stream encryption (Advanced) - Security Center 5.9

Security Center Hardening Guide 5.9

Security Center 5.9

To protect the privacy of your data, you can enable fusion stream encryption either on the Archiver role or on individual cameras.

Before you begin

Request and install the encryption certificates on the client machines authorized to access your company's private data.

What you should know

Only the public portion of the certificate is required to be installed on the Archiver.
It is not necessary to install the certificates on the Archiver server. The encryption certificates are applied to the Archiver through Config Tool. For this reason, Config Tool must have access to the certificates, either from the certificate store of the local machine, or from exported certificate (.cer) files.
IMPORTANT: To enable encryption, you must add at least one certificate to the Archiver.


  1. From the Config Tool home page, open the Video task.
  2. Do one of the following:
    • To enable encryption on the Archiver, select the Archiver role to configure, and click the Camera default settings tab.
    • To enable encryption on a camera, select the camera to configure, click the Recording tab, and then click Custom settings.
  3. Click Show advanced settings.
  4. From the Encryption list, select In transit and at rest.
  5. Under Certificates, click Add an item ().
    The Select certificate dialog box opens.
  6. If the encryption certificates are installed on your local computer, select them from the Installed certificates list, and click OK.
  7. If the encryption certificates are not installed on your local computer, find and install them:
    1. Select Browse certificate file.
    2. Click the browse icon () and navigate to the folder where the certificates files are saved.

      The browser looks for X.509 Certificates files by default. If you do not find the files you want, look for Personal Information Exchange files instead.

    3. Select the certificates you want, and click Open.
    4. If the certificate file is password-protected, click the advanced show icon () and enter the password.
    5. (Optional) Click Validate file to make sure the selected file contains a public key.
    6. Click OK.
  8. Click Apply.


The Archiver starts encrypting all data streamed from the selected cameras. Only client workstations with one or more private key portions of certificates are able to view the data recorded from now on.