Enable server encryption for recording servers or remote servers
マネジメントサーバーとレコーディング サーバー、またはData Collectorを使用している他のリモート サーバー間では双方向接続を暗号化できます。
システムに複数のレコーディングサーバーまたはリモートサーバーが含まれている場合は、すべてのレコーディングサーバーとリモートサーバーで暗号化を有効に設定する必要があります。
詳細については、XProtect VMSの保護方法に関する証明書ガイドを参照してください。
When you configure encryption for a server group, it must either be enabled with a certificate belonging to the same CA certificate or, if the encryption is disabled, then it must be disabled on all computers in the server group.
Prerequisites:
- You have enabled encryption on the management server, see Enable encryption to and from the management server.
-
On a computer with a Management Server or Recording Server installed, open the Server Configurator from:
- The Windows Start menu
or
- The server manager, by right-clicking the server manager icon on the computer task bar
-
In the Server Configurator, under Server certificate, turn on Еncryption.
-
Click Select certificate to open a list with unique subject names of certificates that have a private key and that are installed on the local computer in the Windows Certificate Store.
- Select a certificate to encrypt communication between the recording server, management server, failover server, and data collector server.
- Click Apply.
Select Details to view Windows Certificate Store information about the selected certificate.
The Recording Server service user has been given access to the private key. It is required that this certificate is trusted on all clients.
When you apply certificates, the recording server will be stopped and restarted. Stopping the Recording Server service means that you cannot record and view live video while you are verifying or changing the recording server's basic configuration.