Sony CH240 Security Camera User Manual


 
Administrating the Camera
Setting the SSL function — SSL Menu
58
When you use SSL connection for the first time
When you use SSL connection only with the SSL
function On, you cannot access the camera if the SSL
function does not work properly.
In this case, you must reset the camera to the factory
settings. (All settings will be initialized.)
To avoid this, check that SSL connection is possible by
performing the following steps.
1
Set the SSL function to On, and select Allow
HTTP connection for some clients.
2
Click OK to close the main viewer and the setting
window.
3
Display the main viewer in SSL connection.
Refer to “Using the SSL function” on page 15 for
connection.
4
After checking that SSL connection is possible,
cancel Allow HTTP connection for some clients
selected in step 1.
Even if the setting window or the browser is closed as
SSL connection is impossible, http connection will be
possible if Allow HTTP connection for some clients is
selected. First check the setting contents of SSL tab in
http connection, then check the SSL connection again.
If Allow HTTP connection for some clients is not
selected, you will not be able to access the camera if SSL
connection becomes impossible. In this case, turn on the
power of the main unit while pressing the reset switch on
the camera to initialize. For details, refer to the supplied
Installation Manual.
Note
SSL connection will load the camera down; therefore,
not all images may be downloaded, and the mark
may appear when the camera accesses the setting
window from the browser. In this case, reload the
window. Press the F5 key on the keyboard to reload.
Certificate options
Select an installation mode of the certificate.
Use an external certificate: Uses the certificate
including private key information issued by a CA.
The PKCS#12 and PEM formats are supported.
Note
SSL is not available when Certificate options-Use an
external certificate is selected, or certificate and private
key password is not set properly even SSL is set to “ON
Use a self-signed certificate (For test use): This mode
uses the certificate and private key pair generated by
“Generating a self-signed certificate” on page 58.
Private key information corresponding to the
certificate is stored in the camera.
You do not need to install an external certificate.
However, you cannot execute the existence proof that
is one of the SSL functions for the following reasons.
The private key generated in the camera is self-
signed by the camera.
A prepared value is set for a distinguished name
(Common name, etc).
The certificate is not issued by a trusted CA.
For reasons of security, we recommend using this
mode only when there is no problem even if perfect
security is not saved.
Notes
When Use a self-signed certificate (For test use) is
selected, the Security Alert dialog appears on the
SSL connection with a browser.
For details, refer to “Using the SSL function”
(page 15).
SSL connection may be impossible due to the type of
certificate installed in the camera. In this case, refer to
“How to install the CA certificate” on page 60 and
install.
Certificates
Import, display or delete the certificate.
To import the certificate
Click Browse... to select the certificate to be imported.
Click Submit to import the certificate, and the selected
file to the camera.
Note
The import process becomes invalid if the selected file is
not a certificate or the imported certificate is not
allowed.
Generating a self-signed certificate
A self-signed certificate can be generated in the camera
to be used when Use a self-signed certificate (For test
use) is selected from Certificate options.
Click Generate to generate a self-signed certificate in
the camera. Clicking Generate again after Generate
has been clicked once will update the self-signed
certificate stored in the camera.
Note
Make sure to set the date and time on the camera
correctly before performing this operation. If the date
and time are not correctly set, it may cause browser
connection problems.