Certificates are used to authenticate devices on a network. The device supports two types of certificates:
• Client/server certificates
A client/server certificate validates the device’s identity, and can be self-signed or issued by a
Certificate Authority (CA). A self-signed certificate offers limited protection and can be used before a
CA-issued certificate has been obtained.
• CA certificates
You can use a CA certificate to authenticate a peer certificate, for example to validate the identity of
an authentication server when the device connects to a network protected by IEEE 802.1X. The device
has several pre-installed CA certificates.
These formats are supported:
• Certificate formats: .PEM, .CER, and .PFX
• Private key formats: PKCS#1 and PKCS#12
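A pre-upload check for the formats listed above, as an added example that is not part of the original manual or of any Axis tooling. It assumes .CER files are binary DER; the function names and SAMPLE are constructed for illustration, and PEM labels outside the list are reported as "not listed" rather than as unsupported.

```python
import base64
import re

# PEM labels checked against the formats listed above; other labels are "not listed".
PEM_LABELS = {
    "CERTIFICATE": "certificate, PEM (listed)",
    "RSA PRIVATE KEY": "private key, PKCS#1 PEM (listed)",
    "PRIVATE KEY": "private key, PKCS#8 PEM (not listed)",
}
PEM_RE = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----(.*?)-----END \1-----", re.S)

def _body(der: bytes, pos: int) -> int:
    """Offset of the contents of the ASN.1 TLV that starts at pos."""
    return pos + 2 + (der[pos + 1] & 0x7F if der[pos + 1] & 0x80 else 0)

def der_kind(der: bytes) -> str:
    """Heuristic: spot a v3 certificate or a PKCS#12 container by its leading tags."""
    try:
        pos = _body(der, 0)                        # skip the outer SEQUENCE header
        if der[0] == 0x30 and der[pos:pos + 3] == b"\x02\x01\x03":
            return "PKCS#12 container, .PFX (listed)"        # PFX version INTEGER 3
        if der[0] == 0x30 and der[pos] == 0x30 and der[_body(der, pos)] == 0xA0:
            return "certificate, DER .CER (listed)"          # tbsCertificate, [0] version
    except IndexError:                             # too short to be either
        pass
    return "unknown binary"

def classify(data: bytes) -> list[str]:
    """Describe every object in a file before it is uploaded to the device."""
    blocks = PEM_RE.findall(data.decode("latin-1"))
    if not blocks:
        return [der_kind(data)]
    found = []
    for label, body in blocks:
        # Drop legacy "Proc-Type:" style header lines, then validate the base64 payload.
        payload = "".join(ln.strip() for ln in body.splitlines() if ":" not in ln)
        try:
            base64.b64decode(payload, validate=True)
            found.append(PEM_LABELS.get(label, f"{label} (not listed)"))
        except ValueError:
            found.append(f"{label}: damaged base64 payload")
    return found

# Constructed sample: header bytes only, not a real certificate or key.
SAMPLE = (b"-----BEGIN CERTIFICATE-----\nMIIBADCB8KADAgEC\n-----END CERTIFICATE-----\n"
          b"-----BEGIN PRIVATE KEY-----\nMIIBVAIBADAN\n-----END PRIVATE KEY-----\n")

if __name__ == "__main__":
    print(classify(SAMPLE))
```

A file that bundles a certificate with its key yields one entry per object, so a key in a format outside the list is caught before the upload is attempted.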
Important
If you reset the device to factory default, all certificates are deleted. Any pre-installed CA certificates are
reinstalled.
Add certificate: Click to add a certificate.
• More: Show more fields to fill in or select.
• Secure keystore: Select to use Secure element or Trusted Platform Module 2.0 to securely store the
private key. For more information on which secure keystore to select, go to
help.axis.com/en-us/axis-os#cryptographic-support.
• Key type: Select the default or a different encryption algorithm from the drop-down list to protect
the certificate.
The context menu contains:
• Certificate information: View an installed certificate’s properties.
• Delete certificate: Delete the certificate.
• Create certificate signing request: Create a certificate signing request to send to a registration
authority to apply for a digital identity certificate.
Secure keystore:
• Secure element (CC EAL6+): Select to use secure element for secure keystore.
• Trusted Platform Module 2.0 (CC EAL4+, FIPS 140-2 Level 2): Select to use TPM 2.0 for secure
keystore.
Network access control and encryption
AXIS Q8752-E Mk II Bispectral PTZ Network Camera