Categories
Knowledge Support Support exacqVision Client Categories Products

SCN-00000005 – IP Camera Secure Video Streaming

SCN #SCN-00000005
Title of SCNIP Camera Secure Video Streaming
TRAC ##12683
Effective Version9.5.21 – Public 9.6
Products AffectedServer
Reason for Change (Summary)With the increase of remote cameras, and as systems become large and more interconnected, it has become increasingly necessary to secure the video stream using SSL.

Change

Several of the IP camera plugins have supported HTTPS connections since 8.4 (Axis/Illustra3), 8.6 (Dahua/HikVision), 8.8 (Samsung) and 9.0 (Acti).  However, this only secured the configuration connection and not the RTSP video stream.

Beginning in 9.6, the Axis and Samsung plugins will support a secure connection for both the configuration and the video stream.  This will be accomplished by tunneling the RTSP traffic through HTTPS.

Some older cameras have the ability to connect over HTTPS, but are not able to stream video securely.  Customers may experience problems after updating to 9.6 if they are using the ‘HTTPS Required’ protocol option.

HTTP – This will cause the camera to connect insecurely over port 80.

HTTPS If Available – This will attempt to connect using SSL.  If it fails, HTTP is used.

HTTPS Required – This will force the IP plugin to connect using SSL and fail if the camera is not configured to use SSL.  Additionally, if the camera supports HTTPS for configuration, the plugin will request a secure video stream as well.

Additional Documentation

https://svn.exacq.org/DVR/wiki/SecureVideoConnection

https://svn.exacq.org/DVR/wiki/IpPluginOverrideOptions

Other information

Beginning with 9.6, the Axis and Samsung plugins will support overrides that force a specific streaming type.

               #transport=udp                   Insecure over UDP

               #transport=tcp                    Insecure over TCP

               #transport=rtsph                 Insecure tunneled over HTTP

               #transport=rtsphs               Secure tunneled over HTTPS

Additionally, the port used for tunneling can be specified with:

tunnelport={1025-65535}

For instance, to connect to a camera at 192.168.1.1 which supports a secure configuration connection, but not a secure video stream, and specify 5544 as the tunnel port, use the following as the ‘Hostname/IP Address’ on the ‘Add IP cameras’ page:

192.168.1.1#transport=rtsph&tunnelport=5544