Axis A8207-VE Mk II - Page 50

• Client/server certificates

A client/server certificate validates the device’s identity, and can be self-signed or issued by a

Certificate Authority (CA). A self-signed certificate offers limited protection and can be used before a

CA-issued certificate has been obtained.

• CA certificates

You can use a CA certificate to authenticate a peer certificate, for example to validate the identity of

an authentication server when the device connects to a network protected by IEEE 802.1X. The device

has several pre-installed CA certificates.

These formats are supported:

• Certificate formats: .PEM, .CER, and .PFX

• Private key formats: PKCS#1 and PKCS#12

Important

If you reset the device to factory default, all certificates are deleted. Any pre-installed CA certificates are

reinstalled.

Add certificate : Click to add a certificate. A step-by-step guide opens up.

• More : Show more fields to fill in or select.

• Secure keystore: Select to use Trusted Execution Environment (SoC TEE), Secure element or Trusted

to select, go to help.axis.com/en-us/axis-os#cryptographic-support.

authority to apply for a digital identity certificate.

Secure keystore :

• Trusted Execution Environment (SoC TEE): Select to use SoC TEE for secure keystore.

• Secure element (CC EAL6+): Select to use secure element for secure keystore.