Requesting and installing encryption certificates - To authorize a client machine to view encrypted data, you must add an encryption certificate to the client machine. You then install the certificate with the private key locally, and transfer the public portion of the certificate to the Archiver responsible for encryption. - Security Center 5.13

Requesting and installing encryption certificates - To authorize a client machine to view encrypted data, you must add an encryption certificate to the client machine. You then install the certificate with the private key locally, and transfer the public portion of the certificate to the Archiver responsible for encryption. - Security Center 5.13 - Administrator guides

Security Center Administrator Guide 5.13

Product

Security Center

Content type

Guides > Administrator guides

Version

5.13

Release

5.13

ft:locale

en-US

Last updated

2026-04-02

To authorize a client machine to view encrypted data, you must add an encryption certificate to the client machine. You then install the certificate with the private key locally, and transfer the public portion of the certificate to the Archiver responsible for encryption.

Before you begin

There are many ways to request and manage digital certificates. Before you proceed, consult your IT department about your company's policies and standard procedures.

What you should know

You can add multiple encryption certificates to Config Tool, but a client machine only needs one certificate installed to view encrypted data.

The encryption certificate contains a pair of public and private keys. The public key is used by the Archiver to encrypt the private data for a specific client machine. The private key is used by the client machine to decrypt the private data.

Best Practice: The private key should never leave the machine on which it is needed.

Procedure

Log on as a local administrator of the client machine.
Add the Certificates snap-in to your local computer account.
Installing the certificates in the local computer store gives you more control over the management of private keys.
Follow your company's procedure for requesting and installing the certificate.
If the client is supposed to have access to encrypted data for a limited time, set the certificate's expiry date accordingly.
If you do not plan to run Config Tool from this computer, do the following:
1. Export the certificate with only the public key to a certificate (.cer) file.
2. Save the certificate file to a location that can be accessed from the workstation from which you plan to run Config Tool.

After you finish

Enable encryption on your Archiver or individual cameras.