HTTPS_CER

 

Description

Upload or remove CA-signed HTTPS Certificate to or from the device.
The camera configurations accessed by WEB page is secured through HTTPS. The HTTPS certificate is needed for HTTPS access. The CA-signed certificate is expected to upload by this URL.
The firmware does not know the certificate is valid or not and this certificate is a self-signed or CA-signed. The HTTPS functions does not work if the upload certificate is a CA-signed certificate but privacy key which it was generated when firmware generated the CSR file was lost. The system administrator should care of it.

Important Note:

  1. The HTTPS Certificate will be removed from the device when the device executed the factory default command. That causes the device could not be accessed by HTTPS. User could access the device through HTTP, then. The CONFIG_RESET URL should be used if users want to reset device configurations but keep network configurations including HTTPS certificate.
  2. The device will save the certificate into its flash after the upload automatically.

Input Argument

remove or upload
where
remove: remove the HTTPS certificate from device. (All HTTPS files, CSR, privacy key and certificate, are removed.)
upload: upload the HTTPS certificate to the device.

No error message returned if there is no HTTPS certificate in the device when HTTPS_CER=remove command was received. The "OK" will be returned in this case.

Here is the network trace for the HTTPS certificate upload. The URL in the example is http://172.16.3.14/cgi-bin/update?USER=Admin&PWD=123456&HTTPS_CER=upload.

Stage 1: Send this URL to the device for HTTPS certificate upload

GET /cgi-bin/update?USER=admin&PWD=123456&HTTPS=upload HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Accept-Language: zh-tw
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Host: 172.16.3.14
Connection: Keep-Alive

Stage 2 : Device reply the URL

HTTP/1.0 200 OK
Content-type: text/html

<html><head><title>UPLOAD FILES</title></head>
<meta http-equiv="PRAGMA" content="NO-CACHE"><body>
<form name="UPLOAD_FORM" method="POST" enctype="multipart/form-data" action="update?HTTPS_CER_SAVE">
Certificate File : <input type="FILE" name="UPLOAD_FILE" value="" size="40">
<br>
<input type="submit" value="Apply" name="URL_FIRMWARE_SUBMIT">
<br>
</form></body></html>

Stage 3: Upload the image file to device and get the return code

POST /cgi-bin/update?HTTPS_CER_SAVE HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Referer: http://172.16.3.21/cgi-bin/update?USER=admin&PWD=123456&HTTPS_CER=upload
Accept-Language: zh-tw
Content-Type: multipart/form-data; boundary=---------------------------7d8261316e0708
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Host: 172.16.3.21
Content-Length: 1046
Connection: Keep-Alive
Cache-Control: no-cache

-----------------------------7d8261316e0708
Content-Disposition: form-data; name="UPLOAD_FILE"; filename="certSrv.pem"
Content-Type: application/x-gzip-compressed

......................................

-----------------------------7d8261316e0708
Content-Disposition: form-data; name="URL_FIRMWARE_SUBMIT"

Apply
-----------------------------7d8261316e0708--

Stage 4: device reply this URL

HTTP/1.0 200 OK
Content-type: text/plain
Content-Length: 3

OK

Attribute

Return of Message

HTTPS_CER='none' (if there is no HTTPS certificate)
or
HTTPS_CER='certSrv.pem' (if there is a HTTPS certificate in the device)
or
ERROR: HTTPS_CER not found (not support HTTPS)

Note: The filename of HTTPS certificate in the device is fixed to the certSrv.pem. If the filename of uploaded HTTPS certificate is not certSrv.pem, the device will rename it to certSrv.pem after the upload.

OK (success to upload or remove the certificate)
or
ERROR: HTTPS_CER not found (not support HTTPS)
or
ERROR: internal error. error message. (something wrong in the upload of certificate).

Applicability

Platform Devices Supported Firmware Version
PlatformA Camera, Video server A1D-220-V3.14 and later
PlatformT Camera, Video server A1D-310-V4.10 and later
PlatformK Camera A1D-311-V5.02 and later

Statue

Valid

See also

None

Example

http://ip:port/cgi-bin/update?USER=admin&PWD=123456&HTTPS_CER

http://ip:port/cgi-bin/update?USER=admin&PWD=123456&HTTPS_CER=remove
or
http://ip:port/cgi-bin/update?USER=admin&PWD=123456&HTTPS_CER=upload

Back To

HOME, UPDATE CGI