Skip to main content

Certificate Settings

The following tables list the configurable Haivision Media Platform Certificate settings.

Note

Please contact your Network Administrator if you are unsure what to enter in any of these fields or if you are unsure whether the setting is required on your network.

Generate Certificate or Private Key

SettingDescription
NameEnter a unique name under which the certificate is stored on HMP, as well as listed on the Certificate pane
Type

Select the Signature Type:

  • Self-signed: The certificate is generated and signed by the system, and the name is added to the list of Identity Certificates.
  • Certificate Signing Request: A request is generated, and its name is added to the list of Identity Certificates. The request is located in your home directory (accessible through the CLI), or you may export it by clicking on the View button and copying the content into a new file in a text editor. In its generated form, this certificate is still a request and cannot be used as an Identity Certificate before it is signed by a CA, and imported back.
Digest Algorithm

Select the digest algorithm (Secure Hash Algorithm):

  • SHA-256
  • SHA-384
  • SHA-512
Subject

The Subject identifies the device being secured, in this case, HMP. Enter the subject in the form: "/C=…/ST=…/L=…/O=…/OU=…/CN=…" where the most common attributes are:

  • /C Two Letter Country Name
  • /ST State or Province Name
  • /L Locality Name
  • /O Organization Name
  • /OU Organizational Unit Name
  • /CN Common Name

Tip

For successful authentication, the Common Name in the certificate should be the IP address (by default) or domain name of the device.

V3 Extension

V3 extensions allow more configuration options to be inserted in the Code Signing Request, such as alternative subject names and usage restrictions to certificates. See SSL Certificates and Subject Alternative Names for more details.

To add one or more Subject Alternative Names, enter the same information that would go in the extensions section of an OpenSSL configuration file. For example:

TEXT
[ req ]
req_extensions = v3_req
[ v3_req ]
# Extensions to add to a certificate request
subjectAltName = @alt_names
[ alt_names ]
DNS.1 = server1.example.com
DNS.2 = mail.example.com
DNS.3 = www.example.com
DNS.4 = www.sub.example.com
DNS.5 = mx.example.com
DNS.6 = support.example.com

Import Certificate

SettingDescription
Type

Select the certificate type:

  • Certificates: (Identify/CA-chains/Bundles)
  • Private Key + Certificate Pair
NameName of the certificate.
Format

Select the file format for the certificate (The formats differ in the way the file is encrypted):

  • Auto: Detected from the file extension
  • der (Distinguish Encoding Rules)
  • pkcs #7
  • pkcs #12
PasswordIf the imported certificate contains a password-protected private key, type its password in this field. Leave this field empty if the file is not password-protected.
Certificate File

Drag a certificate file to the drop area or click Choose a file to choose a file to upload.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.