For client-server communication, we use 128 bit AES encryption in combination with Diffie-Hellman key exchange. By default, the key is updated every 5 minutes. This is true for all data except video stream, audio stream and blob (map images, etc…) data. For server-camera/device communication, the encryption is camera dependent and does not use SSL. We… Continue reading Authentication and Encryption (Server/Client)
Tag: Authentication
ESM API landing page is not password protected
Description Using the <host>/api URL, it will take you to the ESM deprecated landing page. If you do not have a session in ESM, you can see these landing page and discover endpoints. You are not able to use the endpoints, but we want to password protect landing pages too.
Legacy Authentication disabled by default on new installations
Description “Legacy Authentication” refers to the less secure connection methods used prior to our current authentication mode introduced in exacqVision Server/Client version 6.8. This article explains how to enable legacy authentication mode, so newer clients using advanced authentication methods can connect to older server software versions. Product Steps to Reproduce Expected Results Actual Results Solution Workaround… Continue reading Legacy Authentication disabled by default on new installations
Vivotek Cameras Fail to Connect “Connection error (403)”
Description Some Vivotek cameras require Basic Authentication. This should be indicated in the Notes section of the cameras test record. The camera will not connect if digest authentication is selected. Product Vivotek IP CamerasexacqVision Server Steps to Reproduce Add a Vivotek Camera Expected Results Camera connects Actual Results The camera does not connect and a… Continue reading Vivotek Cameras Fail to Connect “Connection error (403)”
Troubleshooting Active Directory Error Messages
Error: “Client Side Kerberos Authentication Failed” Cause: The setspn command was not run on all Active Directory Servers, or there is a duplicate SPN. Solution: On the DC, run the setspn command as directed in the appropriate ExacqVision Active Directory setup guide, or run setspn -X to check for duplicates. If a duplicate is found,… Continue reading Troubleshooting Active Directory Error Messages
Validating ExacqVision Video (also known as Watermarking or Authentication)
The validation standard used in ExacqVision is known as HMAC, for Hashed Message Authentication Code, and uses a cryptographic hash and secret cryptographic key. HMAC is used by ExacqVision to verify the integrity of exported video. The ExacqVision Client software calculates and writes out the message authentication code (MAC) during file export. The ExacqVision ePlayer… Continue reading Validating ExacqVision Video (also known as Watermarking or Authentication)