How to configure SSL HTTPS protocol

2020-04-03 FAQ 207 views shaofu

1. Get the certificate file and password, and convert the certificate format to: tomcat needs to use the jks format certificate , media server and websocket need .pem format certificate. About how to convert certificate format please check it from this link:

https://www.icarvisions.com/faq/how-to-convert-certificate-format-529.html


2. Place the certificates files under ... \ IVMS Server \ cert file path (Create it if there is none)


How to configure SSL HTTPS protocol Picture1


3. Modify ... \ IVMS Server \ tomcat \ conf \ server.xml file and then find:


How to configure SSL HTTPS protocol Picture2


Such part and modified to the following: ( the front symbol “ <!– ” and the left “–>” need to be delete.)


 <Connector port=“ssl port protocol=“HTTP/1.1” SSLEnabled=“true”
maxThreads=“150” scheme=“https” secure=“true”
clientAuth=“false” sslProtocol=“TLS”
keystoreFile=“.jks format certificate filepath
keystorePass= certificate password />


Here is the example link:

http://120.24.66.218:88/ts/wp-content/uploads/server-1.xml)


4. Restart the server and see if you can open the web page using https and ssl port.


How to configure SSL HTTPS protocol Picture3


5. Above about how to configure the Web with HTTPS; And below will introduce how to configure media server and websocket with SSL .

6. Change the addresses of media server and Websocket to domain names:

Install all the sub-server programs on one server , click the network address of the server management , fill in the domain name to the white box on the public network, and click OK


How to configure SSL HTTPS protocol Picture4


If you use cluster server then you need to go to the web management page or modify the IP address which bound to the domain name in the server_info table from MySQL.


7. Modify ... \ IVMS Server \ IVMSSSLServer.ini configuration file: (only need to set up websocket and media server)

[Settings]

Count = number of servers

CrtFile2In1 = certificate file path where the PEM format certificate in. ( Here this certificate format must be CERTIFICATE + RSA PRIVATE KEY)

[Server0] // Count from 0, one part can only monitor one port number, and one server can configure multiple ports number. Like the example link internal , media server monitor several ports like 5604,15604,15605, 15606 and 15608.

name = Server name + ssl

Enabled = 1 // 1 is enabled,  0 is disabled

SSL_Enabled = 1

HTTPS_Enabled = 1

Listen = external ssl port

Targets = Internal service ports (i.e. the original service ports and you can find it from Server management)


Here is the example link:

http://120.24.66.218:88/ts/wp-content/uploads/IVMSSSLServer.ini

8. Adding media server and websocket port in MySQL server_info table.


How to configure SSL HTTPS protocol Picture5

Open the server_info table from MySQL and add the SSL external ports (PortClientSSL and PortClientOtherSSl are on the far right by default as in above picture)

 

A part write media server main external SSL port, B part write other external SSL ports which also open for media media, and C part write external SSL ports for websocket, use ; to separate multiple ports, like 8604;8605;8606;8607

 

* If the server version is too old, there may be a problem that symbols cannot be filed in the database. You need to update the server and MySQL.

 

* All the ports number which will be filled in A /B /C must be consistent with Step7  IVMSSSLServer.ini configuration file ports number same. For example: in the example INI configure files, here A part need fill in 5604, B part fill in 15604;15605;15607;15608; and C part fill in 5075

 

* Check the server IP details, except for LANIP, all other IP need to write the domain name.


How to configure SSL HTTPS protocol Picture6


9. Use admin to log in the Web platform and modify the Gateway server configuration. ( The ports should be consistent as the IVMSSSLServer.ini file, and select enable SSL service.)


How to configure SSL HTTPS protocol Picture7


10. Change below HTTP to HTTPS in same configuration file paths: (http to https)


How to configure SSL HTTPS protocol Picture8


How to configure SSL HTTPS protocol Picture9


11. Oversea server software does not have SSL service, you need to download the IVMSSSLServer from below link, and the decompress the file to server BIN folder, then restart the server:

https://www.dropbox.com/s/8ajsof27ubpskdc/IVMSSSLServer.7z?dl=0

12. Login the web test if you can see the video on Web.

FAQ DOWNLOAD

How to configure SSL HTTPS protocol Picture10How to configure SSL HTTPS protocol.docx


Still Have Questions?

If you would like help finding the right information to meet your requirement please leave us a message below, one of our sales representatives will be happy to assist you shortly!

Micheal Mariana(Spanish) Zach Fan Vivien Kong Amily Frank Liu Aali Tan Chris Yang