AXIS P3363–V Network Camera
System Options
Certicates
CA Certicate The CA certicate is used to validate the identity of the authentication server. Enter the path to
the certicate directly, or locate the le using the Browse button. Then click Upload. To remove
a certicate, click Remove.
Client certicate
Client private key
The client certicate and private key are used to authenticate the network device. They can be
uploaded as separate les or in one combined le (e.g. a PFX le or a PEM le). Use the Client
private key eld if uploading one combined le. For each le, enter the path to the le, or locate the
le using the Browse button. Then click Upload. To remove a le, click Remove.
Settings
EAPOL version
Select the EAPOL version (1 or 2) as used in your network switch.
EAP identity
Enter the user identity (maximum 16 characters) associated with your certicate.
Private key password
Enter the password (maximum 16 characters) for the private key.
Enable IEEE 802.1X
Check the box to enable the IEEE 802.1X protocol.
IEEE 802.1X
IEEE 802.1X is a standard for port-based Network Admission Control providing secure authentication of wired and wireless network
devices. IEEE 802.1X is based on EAP (Extensible Authentication Protocol).
To access a network protected by IEEE 802.1X, devices must be authenticated. The authentication is performed by an authentication
server, typically a RADIUS server, examples of which are FreeRADIUS and Microsoft Internet Authentication Service.
In Axis implementation, the Axis product and the authentication server identify themselves with digital certicates using EAP-TLS
(Extensible Authentication Protocol - Transport Layer Security). The certicates are provided by a Certication Authority (CA).
You need:
• a CA certicate to authenticate the authentication server
• a CA-signed client certicate to authenticate the Axis product.
To create and install certicates, go to System Options > Security > Certicates. See Certicates, on page 43. Many CA certicates
are preinstalled.
To allow the product to access a network protected by IEEE 802.1X:
1. Go to System Options > Security > IEEE 802.1X.
2. Select a CA Certicate and a Client Certicate from the lists of installed certicates.
3. Under Settings, select the EAPOL version and provide the EAP identity associated with the client certicate.
4. Check the box to enable IEEE 802.1X and click Save.
Note
For authentication to work properly, the date and time settings in the Axis product should be synchronized with an NTP
server. See Date & Time, on page 44.
Certicates
Certicates are used to authenticate devices on a network. Typical applications include encrypted web browsing (HTTPS), network
protection via IEEE 802.1X and secure upload of images and notication messages for example via email. Two types of certicates
can be used with the Axis product:
Server/Client certicates - to authenticate the Axis product
43