Upload or remove CA-signed HTTPS Certificate to or from the device.
The camera configurations accessed by WEB page is secured through HTTPS. The HTTPS certificate is needed for HTTPS access. The CA-signed certificate is expected to upload by this URL.
The firmware does not know the certificate is valid or not and this certificate is a self-signed or CA-signed. The HTTPS functions does not work if the upload certificate is a CA-signed certificate but privacy key which it was generated when firmware generated the CSR file was lost. The system administrator should care of it.
Important Note:
- The HTTPS Certificate will be removed from the device when the device executed the factory default command. That causes the device could not be accessed by HTTPS. User could access the device through HTTP, then. The CONFIG_RESET URL should be used if users want to reset device configurations but keep network configurations including HTTPS certificate.
- The device will save the certificate into its flash after the upload automatically.
remove or upload
where
remove: remove the HTTPS certificate from device. (All HTTPS files, CSR, privacy key and certificate, are removed.)
upload: upload the HTTPS certificate to the device.No error message returned if there is no HTTPS certificate in the device when HTTPS_CER=remove command was received. The "OK" will be returned in this case.
Here is the network trace for the HTTPS certificate upload. The URL in the example is http://172.16.3.14/cgi-bin/update?USER=Admin&PWD=123456&HTTPS_CER=upload.
Stage 1: Send this URL to the device for HTTPS certificate upload
GET /cgi-bin/update?USER=admin&PWD=123456&HTTPS=upload HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Accept-Language: zh-tw
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Host: 172.16.3.14
Connection: Keep-AliveStage 2 : Device reply the URL
HTTP/1.0 200 OK
Content-type: text/html
<html><head><title>UPLOAD FILES</title></head>
<meta http-equiv="PRAGMA" content="NO-CACHE"><body>
<form name="UPLOAD_FORM" method="POST" enctype="multipart/form-data" action="update?HTTPS_CER_SAVE">
Certificate File : <input type="FILE" name="UPLOAD_FILE" value="" size="40">
<br>
<input type="submit" value="Apply" name="URL_FIRMWARE_SUBMIT">
<br>
</form></body></html>Stage 3: Upload the image file to device and get the return code
POST /cgi-bin/update?HTTPS_CER_SAVE HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Referer: http://172.16.3.21/cgi-bin/update?USER=admin&PWD=123456&HTTPS_CER=upload
Accept-Language: zh-tw
Content-Type: multipart/form-data; boundary=---------------------------7d8261316e0708
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Host: 172.16.3.21
Content-Length: 1046
Connection: Keep-Alive
Cache-Control: no-cache
-----------------------------7d8261316e0708
Content-Disposition: form-data; name="UPLOAD_FILE"; filename="certSrv.pem"
Content-Type: application/x-gzip-compressed......................................
-----------------------------7d8261316e0708
Content-Disposition: form-data; name="URL_FIRMWARE_SUBMIT"
Apply
-----------------------------7d8261316e0708--Stage 4: device reply this URL
HTTP/1.0 200 OK
Content-type: text/plain
Content-Length: 3
OK
HTTPS_CER='none' (if there is no HTTPS certificate)
or
HTTPS_CER='certSrv.pem' (if there is a HTTPS certificate in the device)
or
ERROR: HTTPS_CER not found (not support HTTPS)Note: The filename of HTTPS certificate in the device is fixed to the certSrv.pem. If the filename of uploaded HTTPS certificate is not certSrv.pem, the device will rename it to certSrv.pem after the upload.
OK (success to upload or remove the certificate)
or
ERROR: HTTPS_CER not found (not support HTTPS)
or
ERROR: internal error. error message. (something wrong in the upload of certificate).
Platform Devices Supported Firmware Version PlatformA Camera, Video server A1D-220-V3.14 and later PlatformT Camera, Video server A1D-310-V4.10 and later PlatformK Camera A1D-311-V5.02 and later
Valid
None
http://ip:port/cgi-bin/update?USER=admin&PWD=123456&HTTPS_CER
http://ip:port/cgi-bin/update?USER=admin&PWD=123456&HTTPS_CER=remove
or
http://ip:port/cgi-bin/update?USER=admin&PWD=123456&HTTPS_CER=upload