TLS Encryption

The EMS web interface is encrypted to provide secure interactions with your devices. When you access the web interface, you are automatically redirected to use HTTPS on port 443. As a result, your web browser requests the security certificate to confirm that the site is trusted.

EMS ships with a self-signed TLS certificate key set which works with any configured server hostname. However, web browsers do not consider self-signed certificates to be trusted, because they are not signed by a Certificate Authority. Consequently, when accessing the website with a self-signed certificate, users see a security warning and are prompted for authorization.

Note

Recent OS updates (particularly MacOS 10.15 and iOS 13, see https://support.apple.com/en-us/HT210176) block access to websites with TLS certificates that have a validity window of more than 825 days. Any custom certificate installed should have a validity window of less than 825 days in order to be supported on macOS. Haivision recommends using CA-signed certificates for production systems.

Supplying EMS with a TLS security certificate eliminates the security warning, provides a means for users to verify a website, and ensures that the connection is secure. See Managing Certificates for more details.