Another hidden feature of Netcam Studio is the possibility to run it on HTTPS.
In order to serve Video Streams, Web Content and Web Services over HTTPS, you need to perform the following steps:
1. Purchase or Generate your own SSL Certificates
The first step is to obtain the certificates. If you want the certificates to be trusted and not displaying any warning to the user, they have to be issued by a trusted authority like www.verisign.com
Alternatively, for testing or internal use, it is possible to generate your own certificates. You will have to generate the following:
- CA Certificate
- SSL Certificate matching the CA
For Windows 7 and 8
The following scripts allow generating those certificates for testing:
They need to be modified in order to reflect your company’s information. The password has to be changed (you’ll need it later). Then, run the 2 scripts to generate the CA certificate and the SSL certificate.
Once the certificates have been generated, they both need to be installed on the computer running Netcam Studio. Double-click on the certificate and let Windows install them. For the SSL Certificate, enter the password that was set during generation of certificates.
For Windows 10 and PowerShell
Run PowerShell ISE as an Administrator -> PS C:\WINDOWS\system32>
Always stay in this library.
Generate a new self-signed certificate with a suitable dns name. Here I use ncs.local
New-SelfSignedCertificate -certstorelocation cert:\localmachine\my -dnsname ncs.local
The just generated certificate plus existing lists
Generate a password. Here I use test
$pwd = ConvertTo-SecureString -String “test” -Force –AsPlainText
Export the certificate to the pfx-format. The name Thumbprint in the command below should be exchanged with the long hexadecimal string shown above specific for your certificate name. The resulting file is called server.pfx and located in the root c:\
export-pfxcertificate -cert Thumbprint -filepath c:\server.pfx -chainoption buildchain -password $pwd
Use Windows Explorer and go to the file location c:\ and install the certificate by double-click on it.
Copy the certificate to C:\Program Files\Netcam Studio - 64-bit
Open Manage Computer Certificates
In the folder Personal -> Certificates you find the ncs.local
copy ncs.local to the folder Trusted Root Certification Authorities -> Certificates
2. Configure Netcam Studio to Serve over SSL
Then, it is necessary to copy the SSL Certificate (default name server.pfx) into the folder where Netcam Studio is located (Program Files\Netcam Studio) and edit Netcam Studio (X and Service) configuration file:
Under the appSettings category, add new settings with the keys WebServerCertificate and WebServerCertificatePass as shown in the example.
The certificate’s name and password must match the filename copied into the program’s folder and the password you have chosen during generation of certificates or received from the trusted authority.
<add key="EventLogsRetentionDays" value="2" />
<add key="BypassSecurity" value="false" />
<add key="WebServerPort" value="8100" />
<add key="ServerTcpPort" value="8120" />
<add key="ServerHttpPort" value="8124" />
<add key="ServerHost" value="localhost" />
<add key="WebServerCertificate" value="server.pfx" />
<add key="WebServerCertificatePass" value="test" />
3. Enabling SSL in Netcam Studio Client (Windows)
There is still only partial support for HTTPS on Client side, we will look forward to complete it soon.
In order that Netcam Studio Client accepts connecting over HTTPS, it is necessary to modify also its configuration file (NetcamStudio.Client.exe.config).
For this purpose, modify the endpoint corresponding to http:// to https:// under system.serviceModel, *client, as shown below:
<endpoint address="https://localhost:8124/Soap" binding="customBinding" bindingConfiguration="soapEndpoint" contract="Moonware.Server.WCF.Interface.IMoonwareServerWCF" name="soapEndpoint" />
4. Enabling SSL in Web / SmartPhone Clients
When paragraphs 1 to 3 are done it is now possible to also use the web client and with https / SSL. When using the web browser connect to NCS using https. When adding login information also enable https / SSL. If you have made a self-generated certificate the server will answer with a red text Not secure.
This indicates that the certificate do not match the domain on which Netcam Studio is accessed. However, the connection is secured.
To not get the warning it is necessary to buy a certificate from a trusted authority as mentioned earlier. The very important part is that the certificate must match the domain on which Netcam Studio will be accessed.
https / SSL for mobile App is not running yet. In the meantime please use the browser.