Create the HTTP Self-Signed Certificate.
There are two ways to create HTTPS certificate. In general, people apply the HTTPS certificate for the CA (certification authority) companies. These companies validate your origination before give you signed certificate. This certificate is trusted in most of WEB browsers.
The other method is self-signed certificate. That is simple and free. But, the WEB browsers might block or warn users to access the device because this certificate is unknown.This URL creates the self-signed certificate and save this certificate to device flash. The return of this URL is the self-signed certificate in PEM format. User could copy and paste the return code to the pem file to backup the certificate.
Important Note
- The firmware will removed all HTTPS files (CSR, private key and certificate) before generates the certificate. If it fails to generate self-signed certificate, the original HTTPS files (CSR, private key and certificate) will be restored.
- This command will return error when there is a CSR file in the device. Users have to remove the CSR files first then.
Country,Province,Locality,Org,Division,CommonName,KeyLen,Validity
input argument Max. Length Validation Description Country 2 a~z, A~Z Two characters of the country code. It follows the definition in ISO-3166-1
Firmware does not validate this setting. User has to set it correctly to have a valid certificate.Province 40 refer to the rule of Distinguish Name The state/region where your organization is located. This shouldn't be abbreviated. For example, California Locality 40 refer to the rule of Distinguish Name The city where your organization is located. For example, Los Angeles Org 40 refer to the rule of Distinguish Name The legal name of your organization. This should not be abbreviated and should include suffixes such as Inc., Corp., LTD. or LLC. Division 40 refer to the rule of Distinguish Name The division of your organization handling the certificate. Example, Security Department CommonName 64 refer to the rule of Common Name The fully qualified domain name (FQDN) of your server. This must match exactly what you type in your web browser.
Example, www.security.com, 72.14.203.104 or *.google.comKeyLen 4 512, 1024 or 2048 The private key length. Validity 4 1~9999 The effective duration in days of certificate
- Only ASCII A~Z, a~z, 0~9, minus sign (-), underscore (_), period (.) and space ( ) are allowed.
- The last character must not be a minus sign, underscore or space.
- The first character is allowed to either a letter or a digit.
- No NULL string is allowed
- When IPv4 Address format is used
- unicast IPv4 address only
- When Host Address format is used
The host domain address are separated by period(.).
For example, the host address is 'aaa.bbb.ccc.ddd' and aaa, bbb, ccc, ddd are the host domain addresses separated by period(.).
Characters in every host domain address are limited by following rules.
- Only ASCII A~Z, a~z, 0~9, minus sign(-), underscore(_), asterisk(*) are allowed.
- The last character must not be a minus sign(-), underscore(_), period(.) or asterisk(*).
- The first character is allowed to either a letter, a digit or asterisk.
- If the first character is asterisk (wildcard certificate is applied), the period has to be right after asterisk. Example, *.google.com
- If the asterisk is at the head on common name, the asterisk has not be seen in the rest of common name.
- No NULL string is allowed
Return message when the self-signed certificate was crested successfully
-----BEGIN CERTIFICATE REQUEST----- MIIBrjCCARcCADBvMQswCQYDVQQGEwJBVTEMMAoGA1UECBMDUUxEMREwDwYDVQQH EwhQb3J0bGFuZDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRkLjENMAsGA1UECxME U1NQTzEVMBMGA1UEAxMMd3d3LkFubmUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GN ADCBiQKBgQDZ1R1hg1cYf0OdOCjDjv+fknXboaB7uZ5FCtvG8EBvxXMR4HBCYSwW wkGe5PIHIDpB/TYxwbI/2N5APE/wBsXc4oYT/1fdUOPQPVt2aGH3jDvetTGFmV+j tKRsUYn5wj1WG+NB5hejcVBQrbuc1OkQtONOd3AUiohWvtig0gzR1QIDAQABoAAw DQYJKoZIhvcNAQEEBQADgYEAgbaQb5jeVquBan/lGqDlbtv4P//7AyGKiRfbfYYT gE+Q4K14cm+URxoIYYCd+6PFRfKcbvzGUCqCvsQkSw6Sad3nYNQanx2OOJPU+DYP oFggP/V4bfj7LdDi8lRrBiPELLc39uJ6xUewzRS0RvaRdZ98uBGeGSvNepvV/YN1 2pI= -----END CERTIFICATE REQUEST-----Invalid argument was found
ERROR: invalid parameters
or
ERROR: HTTPS_CER_CREATE is write-onlynot support HTTPS
ERROR: HTTPS_CER_CREATE not found
Platform Devices Supported Firmware Version PlatformA Camera, Video server A1D-220-V3.14 and later PlatformT Camera, Video server A1D-310-V4.10 and later PlatformK Camera A1D-311-V5.05 and later
Valid
HTTPS_CSR_NAME, HTTPS_CER_NAME, HTTPS_CSR_PROP, HTTPS_CER_PROP, HTTPS_CSR_CREATE, HTTP_CSR_REMOVE
http://ip:port/cgi-bin/system?USER=admin&PWD=123456& HTTPS_CER_CREATE=US,California,Los Angeles,MySecurity Ltd.,Security Department,www.mysecurity.com,1024,365
or
http://ip:port/cgi-bin/cmd/system?HTTPS_CER_CREATE=US,California,Los Angeles,MySecurity Ltd.,Security Department,www.mysecurity.com,1024,365