EasyManua.ls Logo

Axis P3737-PLE - Page 33

Axis P3737-PLE
60 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
AXISP37-PLEPanoramiccameraseries
Thewebinterface
Certicatesareusedtoauthenticatedevicesonanetwork.Thedevicesupportstwotypesofcerticates:
Client/servercerticates
Aclient/servercerticatevalidatesthedevice’sidentity,andcanbeself-signedorissuedbyaCerticateAuthority(CA).
Aself-signedcerticateofferslimitedprotectionandcanbeusedbeforeaCA-issuedcerticatehasbeenobtained.
CAcerticates
YoucanuseaCAcerticatetoauthenticateapeercerticate,forexampletovalidatetheidentityofanauthentication
serverwhenthedeviceconnectstoanetworkprotectedbyIEEE802.1X.Thedevicehasseveralpre-installedCA
certicates.
Theseformatsaresupported:
Certicateformats:.PEM,.CER,and.PFX
Privatekeyformats:PKCS#1andPKCS#12
Important
Ifyouresetthedevicetofactorydefault,allcerticatesaredeleted.Anypre-installedCAcerticatesarereinstalled.
Filterthecerticatesinthelist.
Addcerticate:Clicktoaddacerticate.
More:Showmoreeldstollinorselect.
Securekeystore:SelecttouseSecureelementorTrustedPlatformModule2.0tosecurelystoretheprivatekey.For
moreinformationonwhichsecurekeystoretoselect,gotohelp.axis.com/en-us/axis-os#cryptographic-support.
Keytype:Selectthedefaultoradifferentencryptionalgorithmfromthedrop-downlisttoprotectthecerticate.
Thecontextmenucontains:
Certicateinformation:Viewaninstalledcerticate’sproperties.
Deletecerticate:Deletethecerticate.
Createcerticatesigningrequest:Createacerticatesigningrequesttosendtoaregistrationauthoritytoapply
foradigitalidentitycerticate.
Securekeystore
:
Secureelement(CCEAL6+):Selecttousesecureelementforsecurekeystore.
TrustedPlatformModule2.0(CCEAL4+,FIPS140-2Level2):SelecttouseTPM2.0forsecurekeystore.
IEEE802.1x
IEEE802.1xisanIEEEstandardforport-basednetworkadmissioncontrolprovidingsecureauthenticationofwiredandwireless
networkdevices.IEEE802.1xisbasedonEAP(ExtensibleAuthenticationProtocol).
ToaccessanetworkprotectedbyIEEE802.1x,networkdevicesmustauthenticatethemselves.Theauthenticationisperformedby
anauthenticationserver,typicallyaRADIUSserver(forexample,FreeRADIUSandMicrosoftInternetAuthenticationServer).
Certicates
WhenconguredwithoutaCAcerticate,servercerticatevalidationisdisabledandthedevicetriestoauthenticateitself
regardlessofwhatnetworkitisconnectedto.
Whenusingacerticate,inAxis'implementation,thedeviceandtheauthenticationserverauthenticatethemselveswithdigital
certicatesusingEAP-TLS(ExtensibleAuthenticationProtocol-TransportLayerSecurity).
Toallowthedevicetoaccessanetworkprotectedthroughcerticates,youmustinstallasignedclientcerticateonthedevice.
Clientcerticate:SelectaclientcerticatetouseIEEE802.1x.Theauthenticationserverusesthecerticatetovalidatethe
client’sidentity.
33

Table of Contents

Other manuals for Axis P3737-PLE

Preview: Installation Guide
Installation Guide28 pages

Related product manuals