Encrypting connection to the SharpOS 12.7 Portal using a self-signed certificate - SharpV | SharpOS 12.7

AutoVu Handbook for SharpV Fixed Installations 12.7

series
SharpV | SharpOS 12.7
revised_modified
2019-08-21

You can secure the SharpV Portal by configuring it using HTTP Secure (HTTPS) using a self-signed SharpV certificate on workstations that must connect to the Sharp Portal and on the server hosting the Archiver role.

Before you begin

  • Read about why the connection to the Sharp Portal should be encrypted.
    IMPORTANT: If your Security Center version is 5.3 SR3 or higher, if you want to add the SharpV unit to the Archiver using HTTPS, you must modify the Archiver's HTTPS options using the instructions in the Knowledge Base article KBA01405.
  • Configure the camera's network configuration to use a static IP address before you install a certificate.
    NOTE: IPv6 static addresses are not supported.

What you should know

  • Your organization's security policy might require that you install either the camera's auto-generated self-signed certificate, or a signed certificate from a trusted certificate authority.
  • You can access the Sharp Portal without installing a certificate, but the browser will indicate that the site is not trusted.
  • As an alternative to generating your own self-signed certificate, you can install the certificate that is auto-generated on the SharpV.
    NOTE: To capture context and LPR images directly from the SharpV using the Record button on the Camera feeds window of the Sharp Portal, you cannot use the camera's auto-generated certificate. You must install a self-signed certificate that includes the IP address of the camera.
  • You can install multiple certificates and then select a specific certificate to activate.
  • For more information on installing certificates that are signed by a trusted authority, see Encrypting connection to the SharpOS 12.7 Portal using a signed certificate.
  • If the IP address of the SharpV changes, you must regenerate and reinstall the self-signed certificate.

Procedure

To encrypt connection to the SharpV Portal using a self-signed certificate:

  1. Log on to the SharpV Portal.
  2. From the Configuration menu, select the Security page.
  3. From the Certificate section, select + Self-signed.
  4. Enter the required information for the certificate and click OK.
    At a minimum, you must enter a two-letter Country code and you must define the Validity (in years). The other fields are optional.
    NOTE: If you are also using the certificate to connect to the Archiver, the Sharp's common name defined in the certificate must be the SharpV IP address, not the SharpV name.
    The message Operation succeeded is displayed and the signing request is added to the certificate list.
  5. Select the Active check box for the certificate.
  6. Click Save and reboot and click OK to confirm the reboot.
    When the you log in to the SharpV, the HTTPS connection policy on the Security page displays Active. A lock icon () in the browser's address bar indicates that you are now logged on to the SharpV with a secure connection.
    NOTE: Depending on the browser you are using, you might receive warnings because the certificate is not signed by a trusted certificate authority.

To install the certificate on a workstation:

  1. Click on the certificate to display the Certificate details.
  2. Click Download certificate and save the certificate file as prompted by your browser.
  3. Double-click the certificate.cer file and click Install Certificate.
  4. The Certificate Import Wizard prompts you to select a store location. Select Local Machine and click Next.
  5. The wizard prompts you to select the certificate store you want to use. Select Place all certificates in the following store and click Browse.
  6. From the Select Certificate Store window, select Trusted root certification Authorities and click OK.
  7. Click Next to continue, and click Finish to close the Certificate Import Wizard.
    The system displays the message "The import was successful."

    If you see a warning indicating that there is a problem with the website's security certificate, note that for the certificate to be properly registered, you must be logged on as an Administrator on the machine where you want to register the certificate.

  8. Close all web browsers and open the Windows Task Manager to ensure that no browser processes are running in the background.
  9. Log on to the SharpV Portal. You are automatically logged on in HTTPS mode.
    A lock icon () in the browser's address bar indicates that you are now logged on to the SharpV with a secure connection.