Authentication and Encryption (Server/Client)

For client-server communication, we use 128 bit AES encryption in combination with Diffie-Hellman key exchange.  By default, the key is updated every 5 minutes.  This is true for all data except video stream, audio stream and blob (map images, etc…) data. For server-camera/device communication, the encryption is camera dependent and does not use SSL.  We… Continue reading Authentication and Encryption (Server/Client)

ESM API landing page is not password protected

Description Using the <host>/api URL, it will take you to the ESM deprecated landing page. If you do not have a session in ESM, you can see these landing page and discover endpoints. You are not able to use the endpoints, but we want to password protect landing pages too.

Legacy Authentication disabled by default on new installations

Description  “Legacy Authentication” refers to the less secure connection methods used prior to our current authentication mode introduced in exacqVision Server/Client version 6.8.  This article explains how to enable legacy authentication mode, so newer clients using advanced authentication methods can connect to older server software versions. Product  Steps to Reproduce  Expected Results  Actual Results  Solution Workaround… Continue reading Legacy Authentication disabled by default on new installations

Vivotek Cameras Fail to Connect “Connection error (403)”

Description  Some Vivotek cameras require Basic Authentication.  This should be indicated in the Notes section of the cameras test record.  The camera will not connect if digest authentication is selected. Product  Vivotek IP CamerasexacqVision Server Steps to Reproduce  Add a Vivotek Camera Expected Results  Camera connects Actual Results  The camera does not connect and a… Continue reading Vivotek Cameras Fail to Connect “Connection error (403)”

Troubleshooting Active Directory Error Messages

Error: “Client Side Kerberos Authentication Failed” Cause: The setspn command was not run on all Active Directory Servers, or there is a duplicate SPN. Solution: On the DC, run the setspn command as directed in the appropriate ExacqVision Active Directory setup guide, or run setspn -X to check for duplicates. If a duplicate is found,… Continue reading Troubleshooting Active Directory Error Messages

Validating ExacqVision Video (also known as Watermarking or Authentication)

The validation standard used in ExacqVision is known as HMAC, for Hashed Message Authentication Code, and uses a cryptographic hash and secret cryptographic key. HMAC is used by ExacqVision to verify the integrity of exported video. The ExacqVision Client software calculates and writes out the message authentication code (MAC) during file export. The ExacqVision ePlayer… Continue reading Validating ExacqVision Video (also known as Watermarking or Authentication)