0

I have a question about SSL (self signed certificate) in connection with a subdomain.

The following scenario:

there exists a Motobix camera, which is reachable via a fixed IP. (Example: 192.120.203.32) The goal is to achieve the display of the image in the browser via https.

Procedure:

On a separate web server, I have made DNS settings for a domain. I created an A-record for a subdomain that points to the IP of the camera. (Example: video.domain.com) For the camera itself, I created a self-signed certificate via the admin interface, whose "Common Name" contains the subdomain (video.domain.com), through which the camera should be accessed in the browser.

Unfortunately, however, the certificate is marked as invalid. Have I forgotten something important here or have I fundamentally misunderstood something?

Thank you very much for your competent answers.

asored
  • 101
  • 1
  • Did you set the SAN as well? That's usually the reason –  Dec 13 '21 at 10:20
  • Have you added the CA to the browser? – vidarlo Dec 13 '21 at 10:21
  • @MechMK1 No, on the Admin Interface I have no option to add a SAN. Is there a way to add it afterwards? – asored Dec 13 '21 at 10:25
  • No, certificates can't be edited afterwards. You have to create your own certificate, then set it on the server –  Dec 13 '21 at 10:58
  • @MechMK1: I've created a new certificate on the server with SAN included with openSSL and installed it on the camera. But the browser still not trust this website.. :/ – asored Dec 13 '21 at 14:10
  • And why? What is the error? –  Dec 13 '21 at 16:17
  • OP, By default, a web browser will not consider a self-signed certificate to be trusted, unless the certificate is added to the browser's trust store. See https://security.stackexchange.com/questions/112768/why-are-self-signed-certificates-not-trusted-and-is-there-a-way-to-make-them-tru and https://security.stackexchange.com/questions/162901/how-to-force-browser-to-trust-a-self-signed-cert for more info. – mti2935 Dec 14 '21 at 02:07

0 Answers0