Configuring encrypted streaming for H.264 video - Security Center 5.9.0.0

Security Center Video Unit Configuration Guide 5.9.0.0

series
Security Center 5.9.0.0
revised_modified
2020-02-07
category_custom
Guides
Guides > User guides
prodname_custom
Security Center unified platform > Security Center
vrm_version
5.9

For added security, end-to-end encrypted streaming is supported for H.264 video on Axis cameras. This means that video is encrypted by the camera and then decrypted on the client machine when viewing the video. You must be using the correct firmware, and your camera must be configured to use HTTPS.

What you should know

Security Center supports the following end-to-end secure connection types for Axis SRTP ready devices with firmware 7.30 or later:
  • RTSPS over HTTPS/SRTP
  • RTSPS over TCP/SRTP
  • RTSPS Multicast/SRTP
  • RTSPS Unicast/SRTP
IMPORTANT: RTSP over HTTPS/RTP is also supported (using older Axis firmware that does not support RTSP over SRTP). However, this connection type does not provide end-to-end encryption.

Procedure

For SRTP end-to-end encryption connection types (RTSPS), do the following:

  1. Configure the camera to use the RTSPS protocol.
  2. Add the camera to Security Center.
  3. Turn on Encryption for the camera. You can do this in the advanced settings of the Recording tab of the camera, or in the advanced settings of the Camera default settings tab of the Archiver that is managing the camera.
  4. If you do not set a certificate for RTSPS, the default (self-signed) certificate is automatically set. If the certificate default is not on the unit or if another certificate is preferred, do the following:
    1. Navigate to: http://{CameraIP}/admin/config.shtml?group=Network.
    2. Enter the name of the certificate in Certificate id.

For RTSP over HTTPS/RTP connection (firmware without SRTP support), do the following:

  1. Click the Extensions tab, and then click the Axis extension.
  2. Make sure the Use RTSP over HTTPS when available setting is turned ON.
  3. (Optional) If your camera is using a default logon, the Use HTTPS setting should be set to ON under Default logon.
  4. On the Video tab of the camera under Network settings, make sure that the Connection type for the stream that is being used is set to RTSP stream over HTTP.
    Tip: To view the status of the encrypted stream, open the Video task and double-click the appropriate camera. The Encrypted field lists the status of the encrypted stream. Click Show diagnostic information to see the connection type being used.