Forum Software 3rd Party Software Third Party SSL Cert on Reolink Camera

This topic contains 11 replies, has 7 voices, and was last updated by  Rodolfo Grave 3 months, 2 weeks ago.

Viewing 12 posts - 1 through 12 (of 12 total)
  • Author
    Posts
  • #42435

    ant33t
    Participant

    Hi All,

    Does anyone know if Reolink Camera support 3rd part SSL Certs?

    So I have a website https://hello.me ( for example )

    It redirects to my ISP’s IP 82.X.X.X

    I want to overwrite the self signed cert in the Reolink Camera to my 3rd party one.

    Thanks!

    #42587

    Bob
    Moderator

    Hi ant33t,

    Sorry that Reolink IP cameras don’t support 3rd part SSL Certs. Only HTTPS is supported and embeded.

    #42628

    ant33t
    Participant

    Thanks for the info, any idea if support for this feature is planned?

    I noticed Amcrest Cameras have this function.

    Thanks!

    #42639

    Bob
    Moderator

    Hi ant33t,
    I will forward this request and see what happens.
    Thanks again.

    #97881

    Rodolfo Grave
    Participant

    Hello.

    Are there any updates on this?

    The current setup is not secure, as anyone can create a certificate and perform a man-in-the-middle attack, since the “Issued by reo-link, Issued to reo-link” offers no guarantees. See the attached picture for an idea of what the invalid certificate looks like to the eyes of a safe browser like Chrome.

    One option is to provide the cameras with a certificate signed by a trusted authority, but that’s going to cost Reolink money.

    The cheap alternative is to let people install their own certificates on the cameras so that they can trust their own.

    Could you please follow up on this? If you are serious about security this is a must-have feature.

    The other feature that’s required is the ability to disable non-secure (HTTP) access. At the moment you have to set the HTTP port to a low number (try 1) to achieve that effect, but I have no guarantee it works.

    #146653

    ualex73
    Participant

    Same here, would be nice to install your own SSL certificate … Also that we can disable protocols, like HTTP.

    #228837

    I also request the support for installing your own certificate on the cameras, please consider adding this.

    #234205

    npcarling26
    Participant

    I will throw my hand in in requesting this feature as well. Being able to disable HTTP completely would be nice, and also being able to install my own SSL certificate.

    (2) RLN8-410 NVR
    (5) RLC-410
    (3) RLC 410WS
    (1) RLC-411WS
    (1) RLC-423
    (1) RLC-C2
    (1) RLC-C1 Pro

    #235657

    Carl
    Keymaster

    Sorry that the Reolink cameras do not support the SSL certificate at present. We will forward your request to our R&D people, they will pay close attention to your requirement. We will notify you at the first time as long as we have an update.
    Sorry for any inconvenience caused to you. If you meet the problem when you set this camera, you can send an email to the support@reolink.com, we will help you figure it out. Thanks.

    #235709

    Rodolfo Grave
    Participant

    Hi Carl.

    Reolink has been saying the same for 2 years. This issues was first raised on April 2017, and the answer was very similar to what you just said.

    Reolink products are great in terms of functionality and reliability, but without either:

    1. A pre-installed certificate, signed by a trusted Certificate Authority
    2. The ability for us (owners) to install our own certificates
    3. The ability to shutdown all HTTP (unencrypted) traffic

    The cameras are inheritenly insecure and open to many attacks. CCTV images are obviously very private and ReoLink should offer us a better option than just hope for the best.

    #235720

    ualex73
    Participant

    @rodolfo: yes it is already a long time they ‘promised’ to look into it.

    All across the board i don’t see any improvements on Reolink camera’s, e.g. removing Flash. This is the main reason why I stopped buying Reolink. I am not saying other brands are perfect, but they have it better under control compared to Reolink.

    #235725

    Rodolfo Grave
    Participant

    This is a shame because the most difficult part, the hardware, is pretty good. My cameras have been outdoors for a few years now and they keep giving. Not even a bit of rust anywhere.

    Please, Reolink, fix the software. You are even running standard firmwares, based on Linux, it should be relatively easy to include the modules required to allow for what we are asking, and then more!

    Feel free to get in touch if you need a deeper explanation of what we are asking and the reasons why it’s important, but don’t ignore our concerns or you will keep loosing clients.

Viewing 12 posts - 1 through 12 (of 12 total)

You must be logged in to reply to this topic.